gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/ec2-data: sshd.service -> sshd-keygen.service

Browse Source 
SSH key generation was split out into its own systemd service in
https://github.com/NixOS/nixpkgs/pull/372979, but dependent service
definitions weren't updated.

The `apply-ec2-data` service needs to run before SSH key generation,
as it fetches host keys defined in ec2 user data and these keys should
take priority over generating new ones. Currently, the ordering
doesn't specify which should run first of `apply-ec2-data` and
`sshd-keygen`; in practice it seems that `sshd-keygen` often wins the
race, though.

Update the dependencies so that `apply-ec2-data` always runs first.
This commit is contained in:
talyz
2025-09-18 15:33:06 +02:00
parent 874fb7044a
commit d9ac3ba30b
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
nixos/modules/virtualisation/ec2-data.nix
View File

@@ -23,9 +23,9 @@ with lib;
wantedBy = [
"multi-user.target"
"sshd.service"
"sshd-keygen.service"
];
before = [ "sshd.service" ];
before = [ "sshd-keygen.service" ];
after = [ "fetch-ec2-metadata.service" ];
path = [ pkgs.iproute2 ];
@@ -80,7 +80,7 @@ with lib;
systemd.services.print-host-key = {
description = "Print SSH Host Key";
wantedBy = [ "multi-user.target" ];
after = [ "sshd.service" ];
after = [ "sshd-keygen.service" ];
script = ''
# Print the host public key on the console so that the user
# can obtain it securely by parsing the output of