From d69dce080daf2c7004a79950e73dba6545b9097e Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <edolstra@gmail.com>
Date: Mon, 21 Nov 2016 16:17:35 +0100
Subject: [PATCH] Fix setting programs.ssh.setXAuthLocation

The configuration { services.openssh.enable = true;
services.openssh.forwardX11 = false; } caused
programs.ssh.setXAuthLocation to be set to false, which was not the
intent. The intent is that programs.ssh.setXAuthLocation should be
automatically enabled if needed or if xauth is already available.
---
 nixos/modules/programs/ssh.nix                 | 2 +-
 nixos/modules/services/networking/ssh/sshd.nix | 2 --
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix
index b6fd9868f98f..5f4d4dc9475e 100644
--- a/nixos/modules/programs/ssh.nix
+++ b/nixos/modules/programs/ssh.nix
@@ -165,7 +165,7 @@ in
   config = {
 
     programs.ssh.setXAuthLocation =
-      mkDefault (config.services.xserver.enable || config.programs.ssh.forwardX11);
+      mkDefault (config.services.xserver.enable || config.programs.ssh.forwardX11 || config.services.openssh.forwardX11);
 
     assertions =
       [ { assertion = cfg.forwardX11 -> cfg.setXAuthLocation;
diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix
index 81941ce1cfb6..073391ffdbbc 100644
--- a/nixos/modules/services/networking/ssh/sshd.nix
+++ b/nixos/modules/services/networking/ssh/sshd.nix
@@ -228,8 +228,6 @@ in
 
   config = mkIf cfg.enable {
 
-    programs.ssh.setXAuthLocation = mkForce cfg.forwardX11;
-
     users.extraUsers.sshd =
       { isSystemUser = true;
         description = "SSH privilege separation user";