diff options
author | Nikolay Amiantov <ab@fmap.me> | 2016-08-23 16:05:28 +0300 |
---|---|---|
committer | Nikolay Amiantov <ab@fmap.me> | 2016-08-23 16:20:26 +0300 |
commit | 1df4dd6bf568a5eb75f07a60bda4e5ca406cc7b4 (patch) | |
tree | fc0076d1edb5ee5c1959e50c08a9f181a52779d7 /nixos/modules/system/boot/initrd-ssh.nix | |
parent | ab08440f9c2783d8a6d3630ca159dbcebf64b5b4 (diff) | |
download | nixlib-1df4dd6bf568a5eb75f07a60bda4e5ca406cc7b4.tar nixlib-1df4dd6bf568a5eb75f07a60bda4e5ca406cc7b4.tar.gz nixlib-1df4dd6bf568a5eb75f07a60bda4e5ca406cc7b4.tar.bz2 nixlib-1df4dd6bf568a5eb75f07a60bda4e5ca406cc7b4.tar.lz nixlib-1df4dd6bf568a5eb75f07a60bda4e5ca406cc7b4.tar.xz nixlib-1df4dd6bf568a5eb75f07a60bda4e5ca406cc7b4.tar.zst nixlib-1df4dd6bf568a5eb75f07a60bda4e5ca406cc7b4.zip |
initrd-ssh service: ensure that keys got copied into initrd
Fixes #17927.
Diffstat (limited to 'nixos/modules/system/boot/initrd-ssh.nix')
-rw-r--r-- | nixos/modules/system/boot/initrd-ssh.nix | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/nixos/modules/system/boot/initrd-ssh.nix b/nixos/modules/system/boot/initrd-ssh.nix index d0a4ce51148f..bc899984c57d 100644 --- a/nixos/modules/system/boot/initrd-ssh.nix +++ b/nixos/modules/system/boot/initrd-ssh.nix @@ -93,6 +93,10 @@ in boot.initrd.extraUtilsCommands = '' copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear cp -pv ${pkgs.glibc.out}/lib/libnss_files.so.* $out/lib + + ${optionalString (cfg.hostRSAKey != null) "install -D ${cfg.hostRSAKey} $out/etc/dropbear/dropbear_rsa_host_key"} + ${optionalString (cfg.hostDSSKey != null) "install -D ${cfg.hostDSSKey} $out/etc/dropbear/dropbear_dss_host_key"} + ${optionalString (cfg.hostECDSAKey != null) "install -D ${cfg.hostECDSAKey} $out/etc/dropbear/dropbear_ecdsa_host_key"} ''; boot.initrd.extraUtilsCommandsTest = '' @@ -108,9 +112,9 @@ in touch /var/log/lastlog mkdir -p /etc/dropbear - ${optionalString (cfg.hostRSAKey != null) "ln -s ${cfg.hostRSAKey} /etc/dropbear/dropbear_rsa_host_key"} - ${optionalString (cfg.hostDSSKey != null) "ln -s ${cfg.hostDSSKey} /etc/dropbear/dropbear_dss_host_key"} - ${optionalString (cfg.hostECDSAKey != null) "ln -s ${cfg.hostECDSAKey} /etc/dropbear/dropbear_ecdsa_host_key"} + ${optionalString (cfg.hostRSAKey != null) "ln -s $extraUtils/etc/dropbear/dropbear_rsa_host_key /etc/dropbear/dropbear_rsa_host_key"} + ${optionalString (cfg.hostDSSKey != null) "ln -s $extraUtils/etc/dropbear/dropbear_dss_host_key /etc/dropbear/dropbear_dss_host_key"} + ${optionalString (cfg.hostECDSAKey != null) "ln -s $extraUtils/etc/dropbear/dropbear_ecdsa_host_key /etc/dropbear/dropbear_ecdsa_host_key"} mkdir -p /root/.ssh ${concatStrings (map (key: '' |