nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-02 15:41:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

initrd-ssh: add ignoreEmptyHostKeys option

Browse Source
This commit is contained in:
phaer 2022-12-03 14:58:52 +01:00
parent 1fc076154c
commit 3c1906b202
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
nixos/modules/system/boot/initrd-ssh.nix
View File

@ -73,6 +73,15 @@ in
'';
};
ignoreEmptyHostKeys = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc ''
Allow leaving {option}`config.boot.initrd.network.ssh` empty,
to deploy ssh host keys out of band.
'';
};
authorizedKeys = mkOption {
type = types.listOf types.str;
default = config.users.users.root.openssh.authorizedKeys.keys;
@ -141,7 +150,7 @@ in
}
{
assertion = cfg.hostKeys != [];
assertion = (cfg.hostKeys != []) || cfg.ignoreEmptyHostKeys;
message = ''
You must now pre-generate the host keys for initrd SSH.
See the boot.initrd.network.ssh.hostKeys documentation