diff options
Diffstat (limited to 'nixops/modules/ssh/default.nix')
| -rw-r--r-- | nixops/modules/ssh/default.nix | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/nixops/modules/ssh/default.nix b/nixops/modules/ssh/default.nix index 81b7751..4dc0d65 100644 --- a/nixops/modules/ssh/default.nix +++ b/nixops/modules/ssh/default.nix | |||
| @@ -15,9 +15,12 @@ | |||
| 15 | permissions = "0400"; | 15 | permissions = "0400"; |
| 16 | text = myconfig.env.sshd.ldap.password; | 16 | text = myconfig.env.sshd.ldap.password; |
| 17 | }]; | 17 | }]; |
| 18 | system.activationScripts.sshd = '' | 18 | system.activationScripts.sshd = { |
| 19 | deps = [ "secrets" ]; | ||
| 20 | text = '' | ||
| 19 | install -Dm400 -o nobody -g nogroup -T /var/secrets/ssh-ldap /etc/ssh/ldap_password | 21 | install -Dm400 -o nobody -g nogroup -T /var/secrets/ssh-ldap /etc/ssh/ldap_password |
| 20 | ''; | 22 | ''; |
| 23 | }; | ||
| 21 | # ssh is strict about parent directory having correct rights, don't | 24 | # ssh is strict about parent directory having correct rights, don't |
| 22 | # move it in the nix store. | 25 | # move it in the nix store. |
| 23 | environment.etc."ssh/ldap_authorized_keys" = let | 26 | environment.etc."ssh/ldap_authorized_keys" = let |