diff options
| author | Franz Pletz <fpletz@fnordicwalking.de> | 2019-05-24 18:30:04 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-05-24 18:30:04 +0000 |
| commit | eb7c11d55244e4393777c157329f6c51b212d5c3 (patch) | |
| tree | 03eadb417a65a1c84073c43c7e57daff0a2b0a35 /nixos/modules/services/networking/ssh | |
| parent | 4edbd027e23f8557f8a326ebfaad7adc353fa4f9 (diff) | |
| parent | 00a52224997a32cd95a43c40e94e20d53bb52628 (diff) | |
| download | nixpkgs-eb7c11d55244e4393777c157329f6c51b212d5c3.tar nixpkgs-eb7c11d55244e4393777c157329f6c51b212d5c3.tar.gz nixpkgs-eb7c11d55244e4393777c157329f6c51b212d5c3.tar.bz2 nixpkgs-eb7c11d55244e4393777c157329f6c51b212d5c3.tar.lz nixpkgs-eb7c11d55244e4393777c157329f6c51b212d5c3.tar.xz nixpkgs-eb7c11d55244e4393777c157329f6c51b212d5c3.tar.zst nixpkgs-eb7c11d55244e4393777c157329f6c51b212d5c3.zip | |
Merge pull request #58718 from Ma27/validate-ssh-configs
nixos/sshd: validate ssh configs during build
Diffstat (limited to 'nixos/modules/services/networking/ssh')
| -rw-r--r-- | nixos/modules/services/networking/ssh/sshd.nix | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index cbb305cd382..89f56a726f4 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -4,6 +4,15 @@ with lib; let + sshconf = pkgs.runCommand "sshd.conf-validated" { nativeBuildInputs = [ cfgc.package ]; } '' + cat >$out <<EOL + ${cfg.extraConfig} + EOL + + ssh-keygen -f mock-hostkey -N "" + sshd -t -f $out -h mock-hostkey + ''; + cfg = config.services.openssh; cfgc = config.programs.ssh; @@ -339,7 +348,7 @@ in environment.etc = authKeysFiles // { "ssh/moduli".source = cfg.moduliFile; - "ssh/sshd_config".text = cfg.extraConfig; + "ssh/sshd_config".source = sshconf; }; systemd = |