diff options
| author | Vladimír Čunát <vcunat@gmail.com> | 2015-01-11 22:04:04 +0100 |
|---|---|---|
| committer | Vladimír Čunát <vcunat@gmail.com> | 2015-01-11 22:14:25 +0100 |
| commit | 72d2d59cd4d10cab69bc981c95a1db1a7ab61930 (patch) | |
| tree | 43ce80e299d117e5e16283cfe759da78fab0e828 /nixos/modules/services/networking/ssh | |
| parent | e98a443e71cfa041bf690ed03d5b699c15875a25 (diff) | |
| download | nixlib-72d2d59cd4d10cab69bc981c95a1db1a7ab61930.tar nixlib-72d2d59cd4d10cab69bc981c95a1db1a7ab61930.tar.gz nixlib-72d2d59cd4d10cab69bc981c95a1db1a7ab61930.tar.bz2 nixlib-72d2d59cd4d10cab69bc981c95a1db1a7ab61930.tar.lz nixlib-72d2d59cd4d10cab69bc981c95a1db1a7ab61930.tar.xz nixlib-72d2d59cd4d10cab69bc981c95a1db1a7ab61930.tar.zst nixlib-72d2d59cd4d10cab69bc981c95a1db1a7ab61930.zip | |
/etc/ssh/ssh_known_hosts: refactor and fix #5612
Generating the file was refactored to be completely in nix. Functionally it should create the same content as before, only adding the newlines. CC recent updaters: @aszlig, @rickynils.
Diffstat (limited to 'nixos/modules/services/networking/ssh')
| -rw-r--r-- | nixos/modules/services/networking/ssh/sshd.nix | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index 4db8d1e25450..c0ad9e17c413 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -17,13 +17,11 @@ let knownHosts = map (h: getAttr h cfg.knownHosts) (attrNames cfg.knownHosts); - knownHostsFile = pkgs.runCommand "ssh_known_hosts" {} '' - touch "$out" - ${flip concatMapStrings knownHosts (h: '' - pubkeyfile=${builtins.toFile "host.pub" (if h.publicKey == null then readFile h.publicKeyFile else h.publicKey)} - ${pkgs.gnused}/bin/sed 's/^/${concatStringsSep "," h.hostNames} /' $pubkeyfile >> "$out" - '')} - ''; + knownHostsText = flip (concatMapStringsSep "\n") knownHosts + (h: + concatStringsSep "," h.hostNames + " " + + (if h.publicKey != null then h.publicKey else readFile h.publicKeyFile) + ); userOptions = { @@ -301,7 +299,7 @@ in { source = "${cfgc.package}/etc/ssh/moduli"; target = "ssh/moduli"; } - { source = knownHostsFile; + { text = knownHostsText; target = "ssh/ssh_known_hosts"; } ]; |