From 8d213e2b1c934f6861f76aad5eb7c11097fa97de Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?=
Date: Wed, 22 May 2019 20:55:28 +0200
Subject: Move rest of the modules outside of nixops
---
nixops/modules/ssh/default.nix | 40 ----------------------------------------
1 file changed, 40 deletions(-)
delete mode 100644 nixops/modules/ssh/default.nix
(limited to 'nixops/modules/ssh/default.nix')
diff --git a/nixops/modules/ssh/default.nix b/nixops/modules/ssh/default.nix
deleted file mode 100644
index beedaff..0000000
--- a/nixops/modules/ssh/default.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-{ lib, pkgs, config, myconfig, ... }:
-{
- config = {
- networking.firewall.allowedTCPPorts = [ 22 ];
-
- services.openssh.extraConfig = ''
- AuthorizedKeysCommand /etc/ssh/ldap_authorized_keys
- AuthorizedKeysCommandUser nobody
- '';
-
- secrets.keys = [{
- dest = "ssh-ldap";
- user = "nobody";
- group = "nogroup";
- permissions = "0400";
- text = myconfig.env.sshd.ldap.password;
- }];
- system.activationScripts.sshd = {
- deps = [ "secrets" ];
- text = ''
- install -Dm400 -o nobody -g nogroup -T /var/secrets/ssh-ldap /etc/ssh/ldap_password
- '';
- };
- # ssh is strict about parent directory having correct rights, don't
- # move it in the nix store.
- environment.etc."ssh/ldap_authorized_keys" = let
- ldap_authorized_keys =
- pkgs.mylibs.wrap {
- name = "ldap_authorized_keys";
- file = ./ldap_authorized_keys.sh;
- paths = [ pkgs.which pkgs.gitolite pkgs.openldap pkgs.stdenv.shellPackage pkgs.gnugrep pkgs.gnused pkgs.coreutils ];
- };
- in {
- enable = true;
- mode = "0755";
- user = "root";
- source = ldap_authorized_keys;
- };
- };
-}
-- cgit v1.2.3