pyrox.dev
Merge pull request #32268 from volth/patch-74
nixos/initrd-ssh: generate hostkeys if absent
authored by Jörg Thalheim and committed by GitHub 4844fbc2 0fe97853
+1
-4
nixos/modules/system/boot/initrd-ssh.nix
+1
-4
nixos/modules/system/boot/initrd-ssh.nix
···
89
90
config = mkIf (config.boot.initrd.network.enable && cfg.enable) {
91
assertions = [
92
-
{ assertion = cfg.hostRSAKey != null || cfg.hostDSSKey != null || cfg.hostECDSAKey != null;
93
-
message = "You should specify at least one host key for initrd SSH";
94
-
}
95
{ assertion = cfg.authorizedKeys != [];
96
message = "You should specify at least one authorized key for initrd SSH";
97
}
···
121
echo ${escapeShellArg key} >> /root/.ssh/authorized_keys
122
'') cfg.authorizedKeys)}
123
124
-
dropbear -s -j -k -E -m -p ${toString cfg.port}
125
'';
126
127
boot.initrd.secrets =
···
89
90
config = mkIf (config.boot.initrd.network.enable && cfg.enable) {
91
assertions = [
92
{ assertion = cfg.authorizedKeys != [];
93
message = "You should specify at least one authorized key for initrd SSH";
94
}
···
118
echo ${escapeShellArg key} >> /root/.ssh/authorized_keys
119
'') cfg.authorizedKeys)}
120
121
+
dropbear -s -j -k -E -m -p ${toString cfg.port} ${optionalString (cfg.hostRSAKey == null && cfg.hostDSSKey == null && cfg.hostECDSAKey == null) "-R"}
122
'';
123
124
boot.initrd.secrets =