diff options
author | Russell O'Connor <oconnorr@google.com> | 2014-12-29 18:04:37 -0500 |
---|---|---|
committer | Russell O'Connor <oconnorr@google.com> | 2015-01-05 15:20:55 -0500 |
commit | d1cbbff1e36e66dcf1aa9bb445fd03bc0c77433c (patch) | |
tree | f7b4d805f8884fafe588eab6d824e0bf00031f0f /nixos | |
parent | 6382e16014af0e33e33c2e8bdd4fc52fe18c195c (diff) | |
download | nixlib-d1cbbff1e36e66dcf1aa9bb445fd03bc0c77433c.tar nixlib-d1cbbff1e36e66dcf1aa9bb445fd03bc0c77433c.tar.gz nixlib-d1cbbff1e36e66dcf1aa9bb445fd03bc0c77433c.tar.bz2 nixlib-d1cbbff1e36e66dcf1aa9bb445fd03bc0c77433c.tar.lz nixlib-d1cbbff1e36e66dcf1aa9bb445fd03bc0c77433c.tar.xz nixlib-d1cbbff1e36e66dcf1aa9bb445fd03bc0c77433c.tar.zst nixlib-d1cbbff1e36e66dcf1aa9bb445fd03bc0c77433c.zip |
Call wget directly in fetch-ssh-keys service.
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/virtualisation/google-compute-image.nix | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/nixos/modules/virtualisation/google-compute-image.nix b/nixos/modules/virtualisation/google-compute-image.nix index 287081be01b7..f6830b2f09fe 100644 --- a/nixos/modules/virtualisation/google-compute-image.nix +++ b/nixos/modules/virtualisation/google-compute-image.nix @@ -132,17 +132,15 @@ in after = [ "network-online.target" ]; wants = [ "network-online.target" ]; - path = [ pkgs.wget ]; - script = + script = let wget = "${pkgs.wget}/bin/wget --retry-connrefused -t 6 --waitretry=10"; in '' # When dealing with cryptographic keys, we want to keep things private. umask 077 - wget="wget --retry-connrefused -t 6 --waitretry=10" # Don't download the SSH key if it has already been downloaded if ! [ -e /root/.ssh/authorized_keys ]; then echo "obtaining SSH key..." mkdir -p /root/.ssh - $wget -O /root/authorized-keys-metadata http://metadata/0.1/meta-data/authorized-keys + ${wget} -O /root/authorized-keys-metadata http://metadata/0.1/meta-data/authorized-keys if [ $? -eq 0 -a -e /root/authorized-keys-metadata ]; then cat /root/authorized-keys-metadata | cut -d: -f2- > /root/key.pub if ! grep -q -f /root/key.pub /root/.ssh/authorized_keys; then @@ -155,7 +153,7 @@ in fi echo "obtaining SSH private host key..." - $wget -O /root/ssh_host_ecdsa_key http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key + ${wget} -O /root/ssh_host_ecdsa_key http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key if [ $? -eq 0 -a -e /root/ssh_host_ecdsa_key ]; then mv -f /root/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key echo "downloaded ssh_host_ecdsa_key" @@ -163,7 +161,7 @@ in fi echo "obtaining SSH public host key..." - $wget -O /root/ssh_host_ecdsa_key.pub http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key_pub + ${wget} -O /root/ssh_host_ecdsa_key.pub http://metadata/0.1/meta-data/attributes/ssh_host_ecdsa_key_pub if [ $? -eq 0 -a -e /root/ssh_host_ecdsa_key.pub ]; then mv -f /root/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub echo "downloaded ssh_host_ecdsa_key.pub" |