Merge pull request #155517 from Radvendii/knownHosts
programs.ssh.knownHosts.<name>.hostNames -> extraHostNames
commit
ce49a1d98c
3 changed files with 30 additions and 11 deletions
|
@ -544,6 +544,15 @@
|
|||
usage in non-X11 environments, e.g. Wayland.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link linkend="opt-programs.ssh.knownHosts">programs.ssh.knownHosts</link>
|
||||
has gained an <literal>extraHostNames</literal> option to
|
||||
replace <literal>hostNames</literal>.
|
||||
<literal>hostNames</literal> is deprecated, but still
|
||||
available for now.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>services.stubby</literal> module was converted to
|
||||
|
|
|
@ -190,6 +190,9 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
`services.xserver.enable`. This allows easy usage in non-X11 environments,
|
||||
e.g. Wayland.
|
||||
|
||||
- [programs.ssh.knownHosts](#opt-programs.ssh.knownHosts) has gained an `extraHostNames`
|
||||
option to replace `hostNames`. `hostNames` is deprecated, but still available for now.
|
||||
|
||||
- The `services.stubby` module was converted to a [settings-style](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md) configuration.
|
||||
|
||||
- The option `services.duplicati.dataDir` has been added to allow changing the location of duplicati's files.
|
||||
|
|
|
@ -17,7 +17,7 @@ let
|
|||
exec ${askPassword} "$@"
|
||||
'';
|
||||
|
||||
knownHosts = map (h: getAttr h cfg.knownHosts) (attrNames cfg.knownHosts);
|
||||
knownHosts = attrValues cfg.knownHosts;
|
||||
|
||||
knownHostsText = (flip (concatMapStringsSep "\n") knownHosts
|
||||
(h: assert h.hostNames != [];
|
||||
|
@ -142,7 +142,7 @@ in
|
|||
|
||||
knownHosts = mkOption {
|
||||
default = {};
|
||||
type = types.attrsOf (types.submodule ({ name, ... }: {
|
||||
type = types.attrsOf (types.submodule ({ name, config, options, ... }: {
|
||||
options = {
|
||||
certAuthority = mkOption {
|
||||
type = types.bool;
|
||||
|
@ -154,12 +154,22 @@ in
|
|||
};
|
||||
hostNames = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
default = [ name ] ++ config.extraHostNames;
|
||||
defaultText = literalExpression "[ ${name} ] ++ config.${options.extraHostNames}";
|
||||
description = ''
|
||||
DEPRECATED, please use <literal>extraHostNames</literal>.
|
||||
A list of host names and/or IP numbers used for accessing
|
||||
the host's ssh service.
|
||||
'';
|
||||
};
|
||||
extraHostNames = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
description = ''
|
||||
A list of additional host names and/or IP numbers used for
|
||||
accessing the host's ssh service.
|
||||
'';
|
||||
};
|
||||
publicKey = mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.str;
|
||||
|
@ -186,9 +196,6 @@ in
|
|||
'';
|
||||
};
|
||||
};
|
||||
config = {
|
||||
hostNames = mkDefault [ name ];
|
||||
};
|
||||
}));
|
||||
description = ''
|
||||
The set of system-wide known SSH hosts.
|
||||
|
@ -196,13 +203,10 @@ in
|
|||
example = literalExpression ''
|
||||
{
|
||||
myhost = {
|
||||
hostNames = [ "myhost" "myhost.mydomain.com" "10.10.1.4" ];
|
||||
extraHostNames = [ "myhost.mydomain.com" "10.10.1.4" ];
|
||||
publicKeyFile = ./pubkeys/myhost_ssh_host_dsa_key.pub;
|
||||
};
|
||||
myhost2 = {
|
||||
hostNames = [ "myhost2" ];
|
||||
publicKeyFile = ./pubkeys/myhost2_ssh_host_dsa_key.pub;
|
||||
};
|
||||
"myhost2.net".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIRuJ8p1Fi+m6WkHV0KWnRfpM1WxoW8XAS+XvsSKsTK";
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
@ -275,6 +279,9 @@ in
|
|||
message = "knownHost ${name} must contain either a publicKey or publicKeyFile";
|
||||
});
|
||||
|
||||
warnings = mapAttrsToList (name: _: ''programs.ssh.knownHosts.${name}.hostNames is deprecated, use programs.ssh.knownHosts.${name}.extraHostNames'')
|
||||
(filterAttrs (name: {hostNames, extraHostNames, ...}: hostNames != [ name ] ++ extraHostNames) cfg.knownHosts);
|
||||
|
||||
# SSH configuration. Slight duplication of the sshd_config
|
||||
# generation in the sshd service.
|
||||
environment.etc."ssh/ssh_config".text =
|
||||
|
|
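Review bot: The new `extraHostNames` description does not say that the attribute name itself is prepended to the list, which follows from the new `hostNames` default `[ name ] ++ config.extraHostNames`. Someone who moves an entry from `hostNames = [ ... ]` to `extraHostNames` under an attribute name that was only a label will now also get that label listed as a host for the key, and with `certAuthority = true` presumably as a name the CA is accepted for. The body of `knownHostsText` lies outside the hunks, so how the list is rendered is inferred. I would extend the description to something like `A list of additional host names and/or IP numbers used for accessing the host's ssh service. These are used in addition to the attribute name, which is included by default.` The deprecation warning near the end of the file could say the same, so that a migration does not silently widen what a key is trusted for.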