-{ lib, pkgs, config, myconfig, ... }:
+{ lib, pkgs, config, ... }:
let
cfg = config.myServices.ssh;
in
user = "nobody";
group = "nogroup";
permissions = "0400";
- text = myconfig.env.sshd.ldap.password;
+ text = config.myEnv.sshd.ldap.password;
}];
system.activationScripts.sshd = {
deps = [ "secrets" ];
substituteAll ${./ldap_authorized_keys.sh} $out
chmod a+x $out
'';
- ldap_authorized_keys =
- pkgs.mylibs.wrap {
- name = "ldap_authorized_keys";
- file = fullScript;
- paths = deps;
- };
+ ldap_authorized_keys = pkgs.runCommand "ldap_authorized_keys" {
+ buildInputs = [ pkgs.makeWrapper ];
+ } ''
+ makeWrapper "${fullScript}" "$out" --prefix PATH : ${lib.makeBinPath deps}
+ '';
in {
enable = true;
mode = "0755";