summaryrefslogtreecommitdiffstats
path: root/nixos/modules/virtualisation/google-compute-image.nix
diff options
context:
space:
mode:
authorRob Vermaas <rob.vermaas@gmail.com>2018-04-06 10:56:56 +0200
committerRob Vermaas <rob.vermaas@gmail.com>2018-04-06 10:57:31 +0200
commitb894dd8b821d74b25911f63762c24024107d9372 (patch)
tree32c9d3dc2a8053ab564851062ffbf78a194f613e /nixos/modules/virtualisation/google-compute-image.nix
parent935526e181f5b0963616c6f558c2094c4d8690e3 (diff)
Update create-gce.sh script. Set default option for GCE images to disable host key replacement by service.
(cherry picked from commit 748d96ffa3c51c3127bcdf23a88d54afad6406e9)
Diffstat (limited to 'nixos/modules/virtualisation/google-compute-image.nix')
-rw-r--r--nixos/modules/virtualisation/google-compute-image.nix6
1 files changed, 6 insertions, 0 deletions
diff --git a/nixos/modules/virtualisation/google-compute-image.nix b/nixos/modules/virtualisation/google-compute-image.nix
index eaf8b14cd8e1..559c30b9416a 100644
--- a/nixos/modules/virtualisation/google-compute-image.nix
+++ b/nixos/modules/virtualisation/google-compute-image.nix
@@ -57,6 +57,12 @@ in
# Always include cryptsetup so that NixOps can use it.
environment.systemPackages = [ pkgs.cryptsetup ];
+ # Make sure GCE image does not replace host key that NixOps sets
+ environment.etc."default/instance_configs.cfg".text = lib.mkDefault ''
+ [InstanceSetup]
+ set_host_keys = false
+ '';
+
# Rely on GCP's firewall instead
networking.firewall.enable = mkDefault false;
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-21 03:44:53 +0000