system.activationScripts.sshd = {
deps = [ "secrets" ];
text = ''
- install -Dm400 -o nobody -g nogroup -T /var/secrets/ssh-ldap /etc/ssh/ldap_password
+ install -Dm400 -o nobody -g nogroup -T ${config.secrets.fullPaths."ssh-ldap"} /etc/ssh/ldap_password
'';
};
# ssh is strict about parent directory having correct rights, don't