pyrox.dev / nixpkgs
lol
fork atom

initrd-ssh service: ensure that keys got copied into initrd

Fixes #17927.

Nikolay Amiantov 1df4dd6b ab08440f

options
unified split
Changed files
+7 -3
nixos
modules
system
boot
initrd-ssh.nix
+7 -3
nixos/modules/system/boot/initrd-ssh.nix 
···

       
93

       
 

       
    boot.initrd.extraUtilsCommands = ''


     

       
94

       
 

       
      copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear


     

       
95

       
 

       
      cp -pv ${pkgs.glibc.out}/lib/libnss_files.so.* $out/lib


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
96

       
 

       
    '';


     

       
97

       
 

       



     

       
98

       
 

       
    boot.initrd.extraUtilsCommandsTest = ''


     
···

       
108

       
 

       
      touch /var/log/lastlog


     

       
109

       
 

       



     

       
110

       
 

       
      mkdir -p /etc/dropbear


     

       
111

       
-

       
      ${optionalString (cfg.hostRSAKey != null) "ln -s ${cfg.hostRSAKey} /etc/dropbear/dropbear_rsa_host_key"}


     

       
112

       
-

       
      ${optionalString (cfg.hostDSSKey != null) "ln -s ${cfg.hostDSSKey} /etc/dropbear/dropbear_dss_host_key"}


     

       
113

       
-

       
      ${optionalString (cfg.hostECDSAKey != null) "ln -s ${cfg.hostECDSAKey} /etc/dropbear/dropbear_ecdsa_host_key"}


     

       
114

       
 

       



     

       
115

       
 

       
      mkdir -p /root/.ssh


     

       
116

       
 

       
      ${concatStrings (map (key: ''


     
···

       
93

       
 

       
    boot.initrd.extraUtilsCommands = ''


     

       
94

       
 

       
      copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear


     

       
95

       
 

       
      cp -pv ${pkgs.glibc.out}/lib/libnss_files.so.* $out/lib


     

       
96

       
+

       



     

       
97

       
+

       
      ${optionalString (cfg.hostRSAKey != null) "install -D ${cfg.hostRSAKey} $out/etc/dropbear/dropbear_rsa_host_key"}


     

       
98

       
+

       
      ${optionalString (cfg.hostDSSKey != null) "install -D ${cfg.hostDSSKey} $out/etc/dropbear/dropbear_dss_host_key"}


     

       
99

       
+

       
      ${optionalString (cfg.hostECDSAKey != null) "install -D ${cfg.hostECDSAKey} $out/etc/dropbear/dropbear_ecdsa_host_key"}


     

       
100

       
 

       
    '';


     

       
101

       
 

       



     

       
102

       
 

       
    boot.initrd.extraUtilsCommandsTest = ''


     
···

       
112

       
 

       
      touch /var/log/lastlog


     

       
113

       
 

       



     

       
114

       
 

       
      mkdir -p /etc/dropbear


     

       
115

       
+

       
      ${optionalString (cfg.hostRSAKey != null) "ln -s $extraUtils/etc/dropbear/dropbear_rsa_host_key /etc/dropbear/dropbear_rsa_host_key"}


     

       
116

       
+

       
      ${optionalString (cfg.hostDSSKey != null) "ln -s $extraUtils/etc/dropbear/dropbear_dss_host_key /etc/dropbear/dropbear_dss_host_key"}


     

       
117

       
+

       
      ${optionalString (cfg.hostECDSAKey != null) "ln -s $extraUtils/etc/dropbear/dropbear_ecdsa_host_key /etc/dropbear/dropbear_ecdsa_host_key"}


     

       
118

       
 

       



     

       
119

       
 

       
      mkdir -p /root/.ssh


     

       
120

       
 

       
      ${concatStrings (map (key: ''