use mkstate for dropbear keys
This commit is contained in:
parent
2b22c7aa91
commit
ffe0e9d26b
2 changed files with 9 additions and 14 deletions
14
NEWS
14
NEWS
|
@ -60,13 +60,11 @@ these changes have been made
|
||||||
(if there's a writeable fs on /persist) or a directory (if there
|
(if there's a writeable fs on /persist) or a directory (if there
|
||||||
isn't)
|
isn't)
|
||||||
|
|
||||||
The `output` and `mkoutputs` functions defined by ${serviceFns}
|
The change will lose your ssh host key(s) unless you copy them from
|
||||||
have been updated, so unless your services are hardcoding service-state
|
the old location to the new one before rebooting into the new system
|
||||||
then the change should be seamless
|
|
||||||
|
|
||||||
|
mkdir -m 02751 -p /run/services/state/dropbear
|
||||||
|
cp /persist/secrets/dropbear/* /run/services/state/dropbear
|
||||||
|
|
||||||
|
The `output`, `mkoutputs` functions defined by ${serviceFns}
|
||||||
|
have been updated for the new location.
|
||||||
|
|
||||||
21:02:51 GMT 2024
|
|
||||||
|
|
||||||
|
|
|
@ -29,15 +29,12 @@ let
|
||||||
in
|
in
|
||||||
longrun {
|
longrun {
|
||||||
name = "sshd";
|
name = "sshd";
|
||||||
|
# we need /run/dropbear to point to hostkey storage, as that
|
||||||
|
# pathname is hardcoded into the binary.
|
||||||
# env -i clears the environment so we don't pass anything weird to
|
# env -i clears the environment so we don't pass anything weird to
|
||||||
# ssh sessions
|
# ssh sessions
|
||||||
run = ''
|
run = ''
|
||||||
if test -d /persist; then
|
ln -s $(mkstate dropbear) /run
|
||||||
mkdir -p /persist/secrets/dropbear
|
|
||||||
ln -s /persist/secrets/dropbear /run
|
|
||||||
else
|
|
||||||
mkdir -p /run/dropbear
|
|
||||||
fi
|
|
||||||
. /etc/profile # sets PATH but do we need this? it's the same file as ashrc
|
. /etc/profile # sets PATH but do we need this? it's the same file as ashrc
|
||||||
exec env -i ENV=/etc/ashrc PATH=$PATH ${dropbear}/bin/dropbear ${concatStringsSep " " options}
|
exec env -i ENV=/etc/ashrc PATH=$PATH ${dropbear}/bin/dropbear ${concatStringsSep " " options}
|
||||||
'';
|
'';
|
||||||
|
|
Loading…
Reference in a new issue