Rename services.sshd' to
services.openssh'.
svn path=/nixos/trunk/; revision=20574
This commit is contained in:
parent
bcd3cd85f3
commit
d1b4b7fd28
@ -73,7 +73,13 @@ in zipModules ([]
|
||||
|
||||
++ rename obsolete "boot.initrd.extraKernelModules" to "boot.initrd.kernelModules"
|
||||
|
||||
# X11
|
||||
# OpenSSH
|
||||
++ rename obsolete "services.sshd.ports" to "services.openssh.ports"
|
||||
++ rename obsolete "services.sshd.enable" to "services.openssh.enable"
|
||||
++ rename obsolete "services.sshd.allowSFTP" to "services.openssh.allowSFTP"
|
||||
++ rename obsolete "services.sshd.forwardX11" to "services.openssh.forwardX11"
|
||||
++ rename obsolete "services.sshd.gatewayPorts" to "services.openssh.gatewayPorts"
|
||||
++ rename obsolete "services.sshd.permitRootLogin" to "services.openssh.permitRootLogin"
|
||||
++ rename obsolete "services.xserver.startSSHAgent" to "services.xserver.startOpenSSHAgent"
|
||||
|
||||
# KDE
|
||||
|
@ -4,9 +4,7 @@ with pkgs.lib;
|
||||
|
||||
let
|
||||
|
||||
inherit (pkgs) openssh;
|
||||
|
||||
cfg = config.services.sshd;
|
||||
cfg = config.services.openssh;
|
||||
|
||||
nssModulesPath = config.system.nssModules.path;
|
||||
|
||||
@ -27,7 +25,7 @@ let
|
||||
"}
|
||||
|
||||
${if cfg.allowSFTP then "
|
||||
Subsystem sftp ${openssh}/libexec/sftp-server
|
||||
Subsystem sftp ${pkgs.openssh}/libexec/sftp-server
|
||||
" else "
|
||||
"}
|
||||
|
||||
@ -49,13 +47,13 @@ in
|
||||
|
||||
options = {
|
||||
|
||||
services.sshd = {
|
||||
services.openssh = {
|
||||
|
||||
enable = mkOption {
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable the Secure Shell daemon, which allows secure
|
||||
remote logins.
|
||||
Whether to enable the OpenSSH secure shell daemon, which
|
||||
allows secure remote logins.
|
||||
'';
|
||||
};
|
||||
|
||||
@ -111,21 +109,21 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.sshd.enable {
|
||||
config = mkIf config.services.openssh.enable {
|
||||
|
||||
users.extraUsers = singleton
|
||||
{ name = "sshd";
|
||||
{ name = "opensshd";
|
||||
uid = config.ids.uids.sshd;
|
||||
description = "SSH privilege separation user";
|
||||
home = "/var/empty";
|
||||
};
|
||||
|
||||
environment.etc = singleton
|
||||
{ source = "${openssh}/etc/ssh/moduli";
|
||||
{ source = "${pkgs.openssh}/etc/ssh/moduli";
|
||||
target = "ssh/moduli";
|
||||
};
|
||||
|
||||
jobs.sshd = {
|
||||
jobs.openssh = {
|
||||
|
||||
description = "OpenSSH server";
|
||||
|
||||
@ -138,17 +136,16 @@ in
|
||||
mkdir -m 0755 -p /etc/ssh
|
||||
|
||||
if ! test -f /etc/ssh/ssh_host_dsa_key; then
|
||||
${openssh}/bin/ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -N ""
|
||||
${pkgs.openssh}/bin/ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -N ""
|
||||
fi
|
||||
'';
|
||||
|
||||
daemonType = "fork";
|
||||
|
||||
exec = "${openssh}/sbin/sshd -h /etc/ssh/ssh_host_dsa_key -f ${sshdConfig}";
|
||||
exec = "${pkgs.openssh}/sbin/sshd -h /etc/ssh/ssh_host_dsa_key -f ${sshdConfig}";
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = cfg.ports;
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user