Merge pull request #58718 from Ma27/validate-ssh-configs

nixos/sshd: validate ssh configs during build
Franz Pletz 2019-05-24 18:30:04 +00:00 committed by GitHub
commit eb7c11d552
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -4,6 +4,15 @@ with lib;
let
sshconf = pkgs.runCommand "sshd.conf-validated" { nativeBuildInputs = [ cfgc.package ]; } ''
cat >$out <<EOL
${cfg.extraConfig}
EOL
ssh-keygen -f mock-hostkey -N ""
sshd -t -f $out -h mock-hostkey
'';
cfg = config.services.openssh;
cfgc = config.programs.ssh;
@ -339,7 +348,7 @@ in
environment.etc = authKeysFiles //
{ "ssh/moduli".source = cfg.moduliFile;
"ssh/sshd_config".text = cfg.extraConfig;
"ssh/sshd_config".source = sshconf;
};
systemd =
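Review bot: The heredoc opened by `cat >$out <<EOL` in the first hunk uses an unquoted delimiter, so the build shell expands `$`, backticks and backslashes found in `cfg.extraConfig` before the text reaches `$out`, and a config line consisting only of `EOL` would end the file early. Because the second hunk now installs `sshconf` as `ssh/sshd_config`, the file that is validated and deployed can differ from the option text the administrator wrote. Quoting the delimiter, `cat >$out <<'EOL'`, stops the expansion; writing the text with `pkgs.writeText` and passing that path to `sshd -t -f` would also remove the delimiter collision. The `let` block and the `environment.etc` attribute set both continue outside the lines shown.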