diff options
| author | Nikolay Amiantov <ab@fmap.me> | 2016-05-20 16:34:16 +0300 |
|---|---|---|
| committer | Nikolay Amiantov <ab@fmap.me> | 2016-05-20 23:34:28 +0300 |
| commit | 53b88524989e51c3b3da87dfa1ee8b95c32467f7 (patch) | |
| tree | 1cfb99d367357eb5ddfc7b9da56f4a3fc3d04f5e /nixos | |
| parent | ba718a917941d96648597f346cbcab726318f638 (diff) | |
| download | nixlib-53b88524989e51c3b3da87dfa1ee8b95c32467f7.tar nixlib-53b88524989e51c3b3da87dfa1ee8b95c32467f7.tar.gz nixlib-53b88524989e51c3b3da87dfa1ee8b95c32467f7.tar.bz2 nixlib-53b88524989e51c3b3da87dfa1ee8b95c32467f7.tar.lz nixlib-53b88524989e51c3b3da87dfa1ee8b95c32467f7.tar.xz nixlib-53b88524989e51c3b3da87dfa1ee8b95c32467f7.tar.zst nixlib-53b88524989e51c3b3da87dfa1ee8b95c32467f7.zip | |
initrd-ssh service: add assertions for host keys
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/system/boot/initrd-ssh.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/nixos/modules/system/boot/initrd-ssh.nix b/nixos/modules/system/boot/initrd-ssh.nix index a881459bed18..3e2805a8c341 100644 --- a/nixos/modules/system/boot/initrd-ssh.nix +++ b/nixos/modules/system/boot/initrd-ssh.nix @@ -85,6 +85,10 @@ in }; config = mkIf (config.boot.initrd.network.enable && cfg.enable) { + assertions = [ { + assertion = cfg.hostRSAKey != null || cfg.hostDSSKey != null || cfg.hostECDSAKey != null; + message = "You should specify at least one host key for initrd SSH"; + } ]; boot.initrd.extraUtilsCommands = '' copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear |