diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/networking')
-rw-r--r-- | nixpkgs/nixos/modules/services/networking/bind.nix | 2 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/services/networking/openvpn.nix | 2 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/services/networking/ssh/sshd.nix | 10 |
3 files changed, 11 insertions, 3 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/bind.nix b/nixpkgs/nixos/modules/services/networking/bind.nix index 98486cefd528..7f89cff22329 100644 --- a/nixpkgs/nixos/modules/services/networking/bind.nix +++ b/nixpkgs/nixos/modules/services/networking/bind.nix @@ -184,7 +184,7 @@ in preStart = '' mkdir -m 0755 -p /etc/bind if ! [ -f "/etc/bind/rndc.key" ]; then - ${pkgs.bind.out}/sbin/rndc-confgen -r /dev/urandom -c /etc/bind/rndc.key -u ${bindUser} -a -A hmac-sha256 2>/dev/null + ${pkgs.bind.out}/sbin/rndc-confgen -c /etc/bind/rndc.key -u ${bindUser} -a -A hmac-sha256 2>/dev/null fi ${pkgs.coreutils}/bin/mkdir -p /run/named diff --git a/nixpkgs/nixos/modules/services/networking/openvpn.nix b/nixpkgs/nixos/modules/services/networking/openvpn.nix index b94b4026fd91..f47122ee70bf 100644 --- a/nixpkgs/nixos/modules/services/networking/openvpn.nix +++ b/nixpkgs/nixos/modules/services/networking/openvpn.nix @@ -85,7 +85,7 @@ in { server = { config = ''' - # Simplest server configuration: http://openvpn.net/index.php/documentation/miscellaneous/static-key-mini-howto.html. + # Simplest server configuration: https://community.openvpn.net/openvpn/wiki/StaticKeyMiniHowto # server : dev tun ifconfig 10.8.0.1 10.8.0.2 diff --git a/nixpkgs/nixos/modules/services/networking/ssh/sshd.nix b/nixpkgs/nixos/modules/services/networking/ssh/sshd.nix index 89f56a726f46..0f9d2420903b 100644 --- a/nixpkgs/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixpkgs/nixos/modules/services/networking/ssh/sshd.nix @@ -4,7 +4,15 @@ with lib; let - sshconf = pkgs.runCommand "sshd.conf-validated" { nativeBuildInputs = [ cfgc.package ]; } '' + # The splicing information needed for nativeBuildInputs isn't available + # on the derivations likely to be used as `cfgc.package`. + # This middle-ground solution ensures *an* sshd can do their basic validation + # on the configuration. + validationPackage = if pkgs.stdenv.buildPlatform == pkgs.stdenv.hostPlatform + then [ cfgc.package ] + else [ pkgs.buildPackages.openssh ]; + + sshconf = pkgs.runCommand "sshd.conf-validated" { nativeBuildInputs = [ validationPackage ]; } '' cat >$out <<EOL ${cfg.extraConfig} EOL |