diff options
| author | Tom Fitzhenry <tom@tom-fitzhenry.me.uk> | 2024-06-08 15:14:26 +1000 |
|---|---|---|
| committer | Tom Fitzhenry <tom@tom-fitzhenry.me.uk> | 2024-06-08 15:14:26 +1000 |
| commit | 54332f47cea331a38f17521cd74ec79e326a27c1 (patch) | |
| tree | 533d119b4e6defce424384ec0d599e33d7490764 /nixos/modules/system | |
| parent | a9e4bf3fc1cf0b3fa74ff9cefd8c49a51626d26b (diff) | |
nixos/initrd-ssh: set KexAlgorithms/Ciphers/MACs only if non-null
Prior to this commit, if services.openssh.settings.Macs is null, then initrd-ssh.nix would fail to build. Same for KexAlgorithms and Ciphers. Noticed by @SuperSandro2000: https://github.com/NixOS/nixpkgs/pull/316934#issuecomment-2149659873
Diffstat (limited to 'nixos/modules/system')
| -rw-r--r-- | nixos/modules/system/boot/initrd-ssh.nix | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/nixos/modules/system/boot/initrd-ssh.nix b/nixos/modules/system/boot/initrd-ssh.nix index 9ce5a85b4f073..69898bc944de5 100644 --- a/nixos/modules/system/boot/initrd-ssh.nix +++ b/nixos/modules/system/boot/initrd-ssh.nix @@ -150,9 +150,13 @@ in HostKey ${initrdKeyPath path} '')} - KexAlgorithms ${concatStringsSep "," sshdCfg.settings.KexAlgorithms} - Ciphers ${concatStringsSep "," sshdCfg.settings.Ciphers} - MACs ${concatStringsSep "," sshdCfg.settings.Macs} + '' + lib.optionalString (sshdCfg.settings.KexAlgorithms != null) '' + KexAlgorithms ${concatStringsSep "," sshdCfg.settings.KexAlgorithms} + '' + lib.optionalString (sshdCfg.settings.Ciphers != null) '' + Ciphers ${concatStringsSep "," sshdCfg.settings.Ciphers} + '' + lib.optionalString (sshdCfg.settings.Macs != null) '' + MACs ${concatStringsSep "," sshdCfg.settings.Macs} + '' + '' LogLevel ${sshdCfg.settings.LogLevel} |