Merge pull request #164800 from pennae/ssh-knownhosts-hostnames

nixos/ssh: undeprecate knownHosts.«name».hostNames
Silvan Mosberger 2022-04-05 18:05:26 +02:00 committed by GitHub
commit ce6bb9800d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 26 additions and 11 deletions


@ -1512,9 +1512,11 @@
<para> <para>
<link linkend="opt-programs.ssh.knownHosts">programs.ssh.knownHosts</link> <link linkend="opt-programs.ssh.knownHosts">programs.ssh.knownHosts</link>
has gained an <literal>extraHostNames</literal> option to has gained an <literal>extraHostNames</literal> option to
replace <literal>hostNames</literal>. augment <literal>hostNames</literal>. It is now possible to
<literal>hostNames</literal> is deprecated, but still use the attribute name of a <literal>knownHosts</literal>
available for now. entry as the primary host name and specify secondary host
names using <literal>extraHostNames</literal> without having
to duplicate the primary host name.
</para> </para>
</listitem> </listitem>
<listitem> <listitem>


@ -537,7 +537,9 @@ In addition to numerous new and upgraded packages, this release has the followin
e.g. Wayland. e.g. Wayland.
- [programs.ssh.knownHosts](#opt-programs.ssh.knownHosts) has gained an `extraHostNames` - [programs.ssh.knownHosts](#opt-programs.ssh.knownHosts) has gained an `extraHostNames`
option to replace `hostNames`. `hostNames` is deprecated, but still available for now. option to augment `hostNames`. It is now possible to use the attribute name of a `knownHosts`
entry as the primary host name and specify secondary host names using `extraHostNames` without
having to duplicate the primary host name.
- The `services.stubby` module was converted to a [settings-style](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md) configuration. - The `services.stubby` module was converted to a [settings-style](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md) configuration.


@ -157,9 +157,13 @@ in
default = [ name ] ++ config.extraHostNames; default = [ name ] ++ config.extraHostNames;
defaultText = literalExpression "[ ${name} ] ++ config.${options.extraHostNames}"; defaultText = literalExpression "[ ${name} ] ++ config.${options.extraHostNames}";
description = '' description = ''
DEPRECATED, please use <literal>extraHostNames</literal>.
A list of host names and/or IP numbers used for accessing A list of host names and/or IP numbers used for accessing
the host's ssh service. the host's ssh service. This list includes the name of the
containing <literal>knownHosts</literal> attribute by default
for convenience. If you wish to configure multiple host keys
for the same host use multiple <literal>knownHosts</literal>
entries with different attribute names and the same
<literal>hostNames</literal> list.
''; '';
}; };
extraHostNames = mkOption { extraHostNames = mkOption {
@ -167,7 +171,8 @@ in
default = []; default = [];
description = '' description = ''
A list of additional host names and/or IP numbers used for A list of additional host names and/or IP numbers used for
accessing the host's ssh service. accessing the host's ssh service. This list is ignored if
<literal>hostNames</literal> is set explicitly.
''; '';
}; };
publicKey = mkOption { publicKey = mkOption {
@ -198,7 +203,12 @@ in
}; };
})); }));
description = '' description = ''
The set of system-wide known SSH hosts. The set of system-wide known SSH hosts. To make simple setups more
convenient the name of an attribute in this set is used as a host name
for the entry. This behaviour can be disabled by setting
<literal>hostNames</literal> explicitly. You can use
<literal>extraHostNames</literal> to add additional host names without
disabling this default.
''; '';
example = literalExpression '' example = literalExpression ''
{ {
@ -207,6 +217,10 @@ in
publicKeyFile = ./pubkeys/myhost_ssh_host_dsa_key.pub; publicKeyFile = ./pubkeys/myhost_ssh_host_dsa_key.pub;
}; };
"myhost2.net".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIRuJ8p1Fi+m6WkHV0KWnRfpM1WxoW8XAS+XvsSKsTK"; "myhost2.net".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIRuJ8p1Fi+m6WkHV0KWnRfpM1WxoW8XAS+XvsSKsTK";
"myhost2.net/dsa" = {
hostNames = [ "myhost2.net" ];
publicKeyFile = ./pubkeys/myhost2_ssh_host_dsa_key.pub;
};
} }
''; '';
}; };
@ -279,9 +293,6 @@ in
message = "knownHost ${name} must contain either a publicKey or publicKeyFile"; message = "knownHost ${name} must contain either a publicKey or publicKeyFile";
}); });
warnings = mapAttrsToList (name: _: ''programs.ssh.knownHosts.${name}.hostNames is deprecated, use programs.ssh.knownHosts.${name}.extraHostNames'')
(filterAttrs (name: {hostNames, extraHostNames, ...}: hostNames != [ name ] ++ extraHostNames) cfg.knownHosts);
# SSH configuration. Slight duplication of the sshd_config # SSH configuration. Slight duplication of the sshd_config
# generation in the sshd service. # generation in the sshd service.
environment.etc."ssh/ssh_config".text = environment.etc."ssh/ssh_config".text =
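Review bot: An entry that sets both `hostNames` and `extraHostNames` now loses the extra names without any diagnostic, because the last hunk removes the only `warnings` definition that fired in that case and the new option text only documents that the list is ignored. Any name left out of the generated system-wide list is presumably no longer pinned to the configured key, so clients would fall back to per-user known_hosts and trust-on-first-use for it. Rather than deleting the warning outright, consider narrowing it: keep the `filterAttrs` but test `extraHostNames != [] && hostNames != [ name ] ++ extraHostNames`, with a message saying that `extraHostNames` is ignored because `hostNames` is set explicitly. Separately, the added `"myhost2.net/dsa"` example points at a DSA key file, and ssh-dss host keys have been disabled by default since OpenSSH 7.0, so a second key of another type (e.g. RSA) would illustrate the multiple-keys case better. The surrounding `config` block begins and ends outside this hunk.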