palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

init-ssh: fix tor

Browse source
This commit is contained in:
Ingolf Wagner 2020-05-20 00:31:13 +02:00
parent 5743e4bc82
commit 817d2b5bdb
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
1 changed files with 4 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
system/server/initssh.nix
View file

@ -28,15 +28,6 @@ in {
++ (map (keyFile: lib.fileContents keyFile)
config.users.users.root.openssh.authorizedKeys.keyFiles);
};
hostDSSKey = mkOption {
default = null;
type = with types; nullOr path;
description = ''
you only need one host key
nix-shell -p dropbear --run "dropbearkey -t dss -f ./host_dss_key"
'';
};
hostECDSAKey = mkOption {
default = null;
type = with types; nullOr path;
@ -45,14 +36,6 @@ in {
nix-shell -p dropbear --run "dropbearkey -t ecdsa -f ./host_ecdsa_key"
'';
};
hostRSAKey = mkOption {
default = null;
type = with types; nullOr path;
description = ''
you only need one host key
nix-shell -p dropbear --run "dropbearkey -t rsa -f ./host_rsa_key"
'';
};
};
@ -90,6 +73,10 @@ in {
# have to do this otherwise tor does not want to start
chmod -R 700 /etc/tor
echo "make sure localhost is up"
ip a a 127.0.0.1/8 dev lo
ifconfig lo up
echo "tor: starting tor"
tor -f ${torRc} --verify-config
tor -f ${torRc} &
@ -105,9 +92,7 @@ in {
port = cfg.port;
};
boot.initrd.availableKernelModules = cfg.kernelModules;
boot.initrd.network.ssh.hostDSSKey = cfg.hostDSSKey;
boot.initrd.network.ssh.hostECDSAKey = cfg.hostECDSAKey;
boot.initrd.network.ssh.hostRSAKey = cfg.hostRSAKey;
})
];
}