Diffstat (limited to 'nixos/modules/programs')
-rw-r--r--nixos/modules/programs/adb.nix3
-rw-r--r--nixos/modules/programs/bash/bash.nix22
-rw-r--r--nixos/modules/programs/command-not-found/command-not-found.nix2
-rw-r--r--nixos/modules/programs/digitalbitbox/doc.xml97
-rw-r--r--nixos/modules/programs/dmrconfig.nix38
-rw-r--r--nixos/modules/programs/fish.nix13
-rw-r--r--nixos/modules/programs/gnupg.nix2
-rw-r--r--nixos/modules/programs/iotop.nix17
-rw-r--r--nixos/modules/programs/light.nix5
-rw-r--r--nixos/modules/programs/mininet.nix39
-rw-r--r--nixos/modules/programs/nano.nix5
-rw-r--r--nixos/modules/programs/nm-applet.nix14
-rw-r--r--nixos/modules/programs/plotinus.xml37
-rw-r--r--nixos/modules/programs/rootston.nix103
-rw-r--r--nixos/modules/programs/shell.nix10
-rw-r--r--nixos/modules/programs/singularity.nix21
-rw-r--r--nixos/modules/programs/ssh.nix22
-rw-r--r--nixos/modules/programs/sway-beta.nix91
-rw-r--r--nixos/modules/programs/sway.nix13
-rw-r--r--nixos/modules/programs/thefuck.nix2
-rw-r--r--nixos/modules/programs/wavemon.nix28
-rw-r--r--nixos/modules/programs/way-cooler.nix2
-rw-r--r--nixos/modules/programs/xss-lock.nix3
-rw-r--r--nixos/modules/programs/zsh/oh-my-zsh.xml188
-rw-r--r--nixos/modules/programs/zsh/zsh-autosuggestions.nix8
-rw-r--r--nixos/modules/programs/zsh/zsh-syntax-highlighting.nix22
-rw-r--r--nixos/modules/programs/zsh/zsh.nix12
27 files changed, 509 insertions, 310 deletions
diff --git a/nixos/modules/programs/adb.nix b/nixos/modules/programs/adb.nix
index 942572cef9d5..250d8c252a3b 100644
--- a/nixos/modules/programs/adb.nix
+++ b/nixos/modules/programs/adb.nix
@@ -16,7 +16,6 @@ with lib;
To grant access to a user, it must be part of adbusers group:
<code>users.users.alice.extraGroups = ["adbusers"];</code>
'';
- relatedPackages = [ ["androidenv" "platformTools"] ];
};
};
};
@@ -24,7 +23,7 @@ with lib;
###### implementation
config = mkIf config.programs.adb.enable {
services.udev.packages = [ pkgs.android-udev-rules ];
- environment.systemPackages = [ pkgs.androidenv.platformTools ];
+ environment.systemPackages = [ pkgs.androidenv.androidPkgs_9_0.platform-tools ];
users.groups.adbusers = {};
};
}
diff --git a/nixos/modules/programs/bash/bash.nix b/nixos/modules/programs/bash/bash.nix
index 424e1506b4c5..d22f9dfa3199 100644
--- a/nixos/modules/programs/bash/bash.nix
+++ b/nixos/modules/programs/bash/bash.nix
@@ -16,7 +16,7 @@ let
# programmable completion. If we do, enable all modules installed in
# the system and user profile in obsolete /etc/bash_completion.d/
# directories. Bash loads completions in all
- # $XDG_DATA_DIRS/share/bash-completion/completions/
+ # $XDG_DATA_DIRS/bash-completion/completions/
# on demand, so they do not need to be sourced here.
if shopt -q progcomp &>/dev/null; then
. "${pkgs.bash-completion}/etc/profile.d/bash_completion.sh"
@@ -33,7 +33,8 @@ let
'';
bashAliases = concatStringsSep "\n" (
- mapAttrsFlatten (k: v: "alias ${k}='${v}'") cfg.shellAliases
+ mapAttrsFlatten (k: v: "alias ${k}=${escapeShellArg v}")
+ (filterAttrs (k: v: !isNull v) cfg.shellAliases)
);
in
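Review bot: The alias name `${k}` is still emitted verbatim in `"alias ${k}=${escapeShellArg v}"`, so only the value is protected; an attribute name containing whitespace or shell metacharacters would still produce a broken or unintended line in the generated init file. The same pattern appears in the `fishAliases` hunk of fish.nix. Names come from system configuration, so this is a robustness gap rather than an untrusted-input path, but a comment such as `# alias names are written as-is and must be valid shell alias names` or an assertion on the attribute names would make the contract explicit. Separately, `escapeShellArg` stringifies its argument, so a `path` value (allowed by the new option type) may be rendered differently than under the old `'${v}'` interpolation; that is worth confirming.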
@@ -59,12 +60,12 @@ in
*/
shellAliases = mkOption {
- default = config.environment.shellAliases;
+ default = {};
description = ''
- Set of aliases for bash shell. See <option>environment.shellAliases</option>
- for an option format description.
+ Set of aliases for bash shell, which overrides <option>environment.shellAliases</option>.
+ See <option>environment.shellAliases</option> for an option format description.
'';
- type = types.attrs; # types.attrsOf types.stringOrPath;
+ type = with types; attrsOf (nullOr (either str path));
};
shellInit = mkOption {
@@ -97,7 +98,12 @@ in
if [ "$TERM" != "dumb" -o -n "$INSIDE_EMACS" ]; then
PROMPT_COLOR="1;31m"
let $UID && PROMPT_COLOR="1;32m"
- PS1="\n\[\033[$PROMPT_COLOR\][\u@\h:\w]\\$\[\033[0m\] "
+ if [ -n "$INSIDE_EMACS" ]; then
+ # Emacs term mode doesn't support xterm title escape sequence (\e]0;)
+ PS1="\n\[\033[$PROMPT_COLOR\][\u@\h:\w]\\$\[\033[0m\] "
+ else
+ PS1="\n\[\033[$PROMPT_COLOR\][\[\e]0;\u@\h: \w\a\]\u@\h:\w]\$\[\033[0m\] "
+ fi
if test "$TERM" = "xterm"; then
PS1="\[\033]2;\h:\u:\w\007\]$PS1"
fi
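Review bot: The new non-Emacs branch writes `\$` where the Emacs branch and the removed line write `\\$`; inside the double-quoted assignment `\$` collapses to a plain `$`, so the prompt would no longer switch to `#` for root. That drops the visual cue for a privileged shell, and the else branch should read `PS1="\n\[\033[$PROMPT_COLOR\][\[\e]0;\u@\h: \w\a\]\u@\h:\w]\\$\[\033[0m\] "`. The `xterm` branch below still prepends its own title sequence, which looks redundant next to the new `\e]0;` one. The enclosing `if` starts and ends outside the hunk.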
@@ -125,6 +131,8 @@ in
programs.bash = {
+ shellAliases = mapAttrs (name: mkDefault) cfge.shellAliases;
+
shellInit = ''
if [ -z "$__NIXOS_SET_ENVIRONMENT_DONE" ]; then
. ${config.system.build.setEnvironment}
diff --git a/nixos/modules/programs/command-not-found/command-not-found.nix b/nixos/modules/programs/command-not-found/command-not-found.nix
index bbe7165c62fb..656c255fcb18 100644
--- a/nixos/modules/programs/command-not-found/command-not-found.nix
+++ b/nixos/modules/programs/command-not-found/command-not-found.nix
@@ -16,7 +16,7 @@ let
isExecutable = true;
inherit (pkgs) perl;
inherit (cfg) dbPath;
- perlFlags = concatStrings (map (path: "-I ${path}/lib/perl5/site_perl ")
+ perlFlags = concatStrings (map (path: "-I ${path}/${pkgs.perl.libPrefix} ")
[ pkgs.perlPackages.DBI pkgs.perlPackages.DBDSQLite pkgs.perlPackages.StringShellQuote ]);
};
diff --git a/nixos/modules/programs/digitalbitbox/doc.xml b/nixos/modules/programs/digitalbitbox/doc.xml
index a26653dda535..c63201628dbd 100644
--- a/nixos/modules/programs/digitalbitbox/doc.xml
+++ b/nixos/modules/programs/digitalbitbox/doc.xml
@@ -3,75 +3,64 @@
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="module-programs-digitalbitbox">
-
- <title>Digital Bitbox</title>
-
- <para>
- Digital Bitbox is a hardware wallet and second-factor authenticator.
- </para>
-
- <para>
- The <literal>digitalbitbox</literal> programs module may be
- installed by setting <literal>programs.digitalbitbox</literal>
- to <literal>true</literal> in a manner similar to
-
+ <title>Digital Bitbox</title>
+ <para>
+ Digital Bitbox is a hardware wallet and second-factor authenticator.
+ </para>
+ <para>
+ The <literal>digitalbitbox</literal> programs module may be installed by
+ setting <literal>programs.digitalbitbox</literal> to <literal>true</literal>
+ in a manner similar to
<programlisting>
<xref linkend="opt-programs.digitalbitbox.enable"/> = true;
</programlisting>
-
- and bundles the <literal>digitalbitbox</literal> package (see <xref
+ and bundles the <literal>digitalbitbox</literal> package (see
+ <xref
linkend="sec-digitalbitbox-package" />), which contains the
- <literal>dbb-app</literal> and <literal>dbb-cli</literal> binaries,
- along with the hardware module (see <xref
+ <literal>dbb-app</literal> and <literal>dbb-cli</literal> binaries, along
+ with the hardware module (see
+ <xref
linkend="sec-digitalbitbox-hardware-module" />) which sets up the
- necessary udev rules to access the device.
- </para>
-
- <para>
- Enabling the digitalbitbox module is pretty much the easiest way to
- get a Digital Bitbox device working on your system.
- </para>
+ necessary udev rules to access the device.
+ </para>
+ <para>
+ Enabling the digitalbitbox module is pretty much the easiest way to get a
+ Digital Bitbox device working on your system.
+ </para>
+ <para>
+ For more information, see
+ <link xlink:href="https://digitalbitbox.com/start_linux" />.
+ </para>
+ <section xml:id="sec-digitalbitbox-package">
+ <title>Package</title>
<para>
- For more information, see
- <link xlink:href="https://digitalbitbox.com/start_linux" />.
- </para>
-
- <section xml:id="sec-digitalbitbox-package">
- <title>Package</title>
-
- <para>
- The binaries, <literal>dbb-app</literal> (a GUI tool) and
- <literal>dbb-cli</literal> (a CLI tool), are available through the
- <literal>digitalbitbox</literal> package which could be installed
- as follows:
-
+ The binaries, <literal>dbb-app</literal> (a GUI tool) and
+ <literal>dbb-cli</literal> (a CLI tool), are available through the
+ <literal>digitalbitbox</literal> package which could be installed as
+ follows:
<programlisting>
<xref linkend="opt-environment.systemPackages"/> = [
pkgs.digitalbitbox
];
</programlisting>
- </para>
- </section>
-
-
- <section xml:id="sec-digitalbitbox-hardware-module">
- <title>Hardware</title>
-
- <para>
- The digitalbitbox hardware package enables the udev rules for
- Digital Bitbox devices and may be installed as follows:
+ </para>
+ </section>
+ <section xml:id="sec-digitalbitbox-hardware-module">
+ <title>Hardware</title>
+ <para>
+ The digitalbitbox hardware package enables the udev rules for Digital Bitbox
+ devices and may be installed as follows:
<programlisting>
<xref linkend="opt-hardware.digitalbitbox.enable"/> = true;
</programlisting>
- </para>
-
- <para>
- In order to alter the udev rules, one may provide different values for
- the <literal>udevRule51</literal> and <literal>udevRule52</literal>
- attributes by means of overriding as follows:
+ </para>
+ <para>
+ In order to alter the udev rules, one may provide different values for the
+ <literal>udevRule51</literal> and <literal>udevRule52</literal> attributes
+ by means of overriding as follows:
<programlisting>
programs.digitalbitbox = {
<link linkend="opt-programs.digitalbitbox.enable">enable</link> = true;
@@ -80,6 +69,6 @@ programs.digitalbitbox = {
};
};
</programlisting>
- </para>
- </section>
+ </para>
+ </section>
</chapter>
diff --git a/nixos/modules/programs/dmrconfig.nix b/nixos/modules/programs/dmrconfig.nix
new file mode 100644
index 000000000000..e48a4f318370
--- /dev/null
+++ b/nixos/modules/programs/dmrconfig.nix
@@ -0,0 +1,38 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.programs.dmrconfig;
+
+in {
+ meta.maintainers = [ maintainers.etu ];
+
+ ###### interface
+ options = {
+ programs.dmrconfig = {
+ enable = mkOption {
+ default = false;
+ type = types.bool;
+ description = ''
+ Whether to configure system to enable use of dmrconfig. This
+ enables the required udev rules and installs the program.
+ '';
+ relatedPackages = [ "dmrconfig" ];
+ };
+
+ package = mkOption {
+ default = pkgs.dmrconfig;
+ type = types.package;
+ defaultText = "pkgs.dmrconfig";
+ description = "dmrconfig derivation to use";
+ };
+ };
+ };
+
+ ###### implementation
+ config = mkIf cfg.enable {
+ environment.systemPackages = [ cfg.package ];
+ services.udev.packages = [ cfg.package ];
+ };
+}
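Review bot: The `enable` description says the module "enables the required udev rules" but not who gains access to the device; the rules come from `cfg.package` and are not visible here. Adding a sentence to the description that names the group or access mode those rules grant (to be confirmed against the package's rules file) would let an administrator judge the effect before switching the option on.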
diff --git a/nixos/modules/programs/fish.nix b/nixos/modules/programs/fish.nix
index c3f742acde2e..b38af07b92c3 100644
--- a/nixos/modules/programs/fish.nix
+++ b/nixos/modules/programs/fish.nix
@@ -9,7 +9,8 @@ let
cfg = config.programs.fish;
fishAliases = concatStringsSep "\n" (
- mapAttrsFlatten (k: v: "alias ${k} '${v}'") cfg.shellAliases
+ mapAttrsFlatten (k: v: "alias ${k} ${escapeShellArg v}")
+ (filterAttrs (k: v: !isNull v) cfg.shellAliases)
);
in
@@ -53,12 +54,12 @@ in
};
shellAliases = mkOption {
- default = config.environment.shellAliases;
+ default = {};
description = ''
- Set of aliases for fish shell. See <option>environment.shellAliases</option>
- for an option format description.
+ Set of aliases for fish shell, which overrides <option>environment.shellAliases</option>.
+ See <option>environment.shellAliases</option> for an option format description.
'';
- type = types.attrs;
+ type = with types; attrsOf (nullOr (either str path));
};
shellInit = mkOption {
@@ -99,6 +100,8 @@ in
config = mkIf cfg.enable {
+ programs.fish.shellAliases = mapAttrs (name: mkDefault) cfge.shellAliases;
+
environment.etc."fish/foreign-env/shellInit".text = cfge.shellInit;
environment.etc."fish/foreign-env/loginShellInit".text = cfge.loginShellInit;
environment.etc."fish/foreign-env/interactiveShellInit".text = cfge.interactiveShellInit;
diff --git a/nixos/modules/programs/gnupg.nix b/nixos/modules/programs/gnupg.nix
index addc9dcca87e..b01de9efaa5e 100644
--- a/nixos/modules/programs/gnupg.nix
+++ b/nixos/modules/programs/gnupg.nix
@@ -77,7 +77,7 @@ in
systemd.packages = [ pkgs.gnupg ];
- environment.extraInit = ''
+ environment.interactiveShellInit = ''
# Bind gpg-agent to this TTY if gpg commands are used.
export GPG_TTY=$(tty)
diff --git a/nixos/modules/programs/iotop.nix b/nixos/modules/programs/iotop.nix
new file mode 100644
index 000000000000..5512dbc62f72
--- /dev/null
+++ b/nixos/modules/programs/iotop.nix
@@ -0,0 +1,17 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+let
+ cfg = config.programs.iotop;
+in {
+ options = {
+ programs.iotop.enable = mkEnableOption "iotop + setcap wrapper";
+ };
+ config = mkIf cfg.enable {
+ security.wrappers.iotop = {
+ source = "${pkgs.iotop}/bin/iotop";
+ capabilities = "cap_net_admin+p";
+ };
+ };
+}
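Review bot: The wrapper grants `cap_net_admin+p` to iotop without setting `owner`, `group` or `permissions`, so, assuming the wrapper defaults leave it world-executable, every local user can run iotop with CAP_NET_ADMIN. The option text `"iotop + setcap wrapper"` does not name the capability; something like `mkEnableOption "iotop with a wrapper granting CAP_NET_ADMIN to local users"` would make that visible. If that is broader than intended, the wrapper entry can be limited to a dedicated group through its `group` and `permissions` attributes.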
diff --git a/nixos/modules/programs/light.nix b/nixos/modules/programs/light.nix
index 6f8c389acc97..9f2a03e7e763 100644
--- a/nixos/modules/programs/light.nix
+++ b/nixos/modules/programs/light.nix
@@ -13,7 +13,8 @@ in
default = false;
type = types.bool;
description = ''
- Whether to install Light backlight control with setuid wrapper.
+ Whether to install Light backlight control command
+ and udev rules granting access to members of the "video" group.
'';
};
};
@@ -21,6 +22,6 @@ in
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.light ];
- security.wrappers.light.source = "${pkgs.light.out}/bin/light";
+ services.udev.packages = [ pkgs.light ];
};
}
diff --git a/nixos/modules/programs/mininet.nix b/nixos/modules/programs/mininet.nix
new file mode 100644
index 000000000000..ecc924325e6b
--- /dev/null
+++ b/nixos/modules/programs/mininet.nix
@@ -0,0 +1,39 @@
+# Global configuration for mininet
+# kernel must have NETNS/VETH/SCHED
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.programs.mininet;
+
+ generatedPath = with pkgs; makeSearchPath "bin" [
+ iperf ethtool iproute socat
+ ];
+
+ pyEnv = pkgs.python.withPackages(ps: [ ps.mininet-python ]);
+
+ mnexecWrapped = pkgs.runCommand "mnexec-wrapper"
+ { buildInputs = [ pkgs.makeWrapper pkgs.pythonPackages.wrapPython ]; }
+ ''
+ makeWrapper ${pkgs.mininet}/bin/mnexec \
+ $out/bin/mnexec \
+ --prefix PATH : "${generatedPath}"
+
+ ln -s ${pyEnv}/bin/mn $out/bin/mn
+
+ # mn errors out without a telnet binary
+ # pkgs.telnet brings an undesired ifconfig into PATH see #43105
+ ln -s ${pkgs.telnet}/bin/telnet $out/bin/telnet
+ '';
+in
+{
+ options.programs.mininet.enable = mkEnableOption "Mininet";
+
+ config = mkIf cfg.enable {
+
+ virtualisation.vswitch.enable = true;
+
+ environment.systemPackages = [ mnexecWrapped ];
+ };
+}
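Review bot: Enabling `programs.mininet` also sets `virtualisation.vswitch.enable = true` and puts a `telnet` binary on the system PATH, neither of which the option text `mkEnableOption "Mininet"` mentions. A description along the lines of `mkEnableOption "Mininet (also enables Open vSwitch and installs mn, mnexec and telnet system-wide)"` would document those side effects, and `virtualisation.vswitch.enable = mkDefault true;` would let a configuration override the switch setting. `pkgs.pythonPackages.wrapPython` in `buildInputs` does not appear to be used by the visible build script.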
diff --git a/nixos/modules/programs/nano.nix b/nixos/modules/programs/nano.nix
index 27b6d446c75d..6a4d46338e19 100644
--- a/nixos/modules/programs/nano.nix
+++ b/nixos/modules/programs/nano.nix
@@ -2,6 +2,7 @@
let
cfg = config.programs.nano;
+ LF = "\n";
in
{
@@ -33,9 +34,9 @@ in
###### implementation
- config = lib.mkIf (cfg.nanorc != "") {
+ config = lib.mkIf (cfg.nanorc != "" || cfg.syntaxHighlight) {
environment.etc."nanorc".text = lib.concatStrings [ cfg.nanorc
- (lib.optionalString cfg.syntaxHighlight ''include "${pkgs.nano}/share/nano/*.nanorc"'') ];
+ (lib.optionalString cfg.syntaxHighlight ''${LF}include "${pkgs.nano}/share/nano/*.nanorc"'') ];
};
}
diff --git a/nixos/modules/programs/nm-applet.nix b/nixos/modules/programs/nm-applet.nix
new file mode 100644
index 000000000000..e42219e9638c
--- /dev/null
+++ b/nixos/modules/programs/nm-applet.nix
@@ -0,0 +1,14 @@
+{ config, lib, pkgs, ... }:
+
+{
+ options.programs.nm-applet.enable = lib.mkEnableOption "nm-applet";
+
+ config = lib.mkIf config.programs.nm-applet.enable {
+ systemd.user.services.nm-applet = {
+ description = "Network manager applet";
+ wantedBy = [ "graphical-session.target" ];
+ partOf = [ "graphical-session.target" ];
+ serviceConfig.ExecStart = "${pkgs.networkmanagerapplet}/bin/nm-applet";
+ };
+ };
+}
diff --git a/nixos/modules/programs/plotinus.xml b/nixos/modules/programs/plotinus.xml
index 91740ee16ec2..902cd89e0c49 100644
--- a/nixos/modules/programs/plotinus.xml
+++ b/nixos/modules/programs/plotinus.xml
@@ -3,23 +3,28 @@
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="module-program-plotinus">
-
-<title>Plotinus</title>
-
-<para><emphasis>Source:</emphasis> <filename>modules/programs/plotinus.nix</filename></para>
-
-<para><emphasis>Upstream documentation:</emphasis> <link xlink:href="https://github.com/p-e-w/plotinus"/></para>
-
-<para>Plotinus is a searchable command palette in every modern GTK+ application.</para>
-
-<para>When in a GTK+3 application and Plotinus is enabled, you can press <literal>Ctrl+Shift+P</literal> to open the command palette. The command palette provides a searchable list of of all menu items in the application.</para>
-
-<para>To enable Plotinus, add the following to your <filename>configuration.nix</filename>:
-
+ <title>Plotinus</title>
+ <para>
+ <emphasis>Source:</emphasis>
+ <filename>modules/programs/plotinus.nix</filename>
+ </para>
+ <para>
+ <emphasis>Upstream documentation:</emphasis>
+ <link xlink:href="https://github.com/p-e-w/plotinus"/>
+ </para>
+ <para>
+ Plotinus is a searchable command palette in every modern GTK+ application.
+ </para>
+ <para>
+ When in a GTK+3 application and Plotinus is enabled, you can press
+ <literal>Ctrl+Shift+P</literal> to open the command palette. The command
+ palette provides a searchable list of of all menu items in the application.
+ </para>
+ <para>
+ To enable Plotinus, add the following to your
+ <filename>configuration.nix</filename>:
<programlisting>
<xref linkend="opt-programs.plotinus.enable"/> = true;
</programlisting>
-
-</para>
-
+ </para>
</chapter>
diff --git a/nixos/modules/programs/rootston.nix b/nixos/modules/programs/rootston.nix
deleted file mode 100644
index 842d9e6cfb48..000000000000
--- a/nixos/modules/programs/rootston.nix
+++ /dev/null
@@ -1,103 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-with lib;
-
-let
- cfg = config.programs.rootston;
-
- rootstonWrapped = pkgs.writeScriptBin "rootston" ''
- #! ${pkgs.runtimeShell}
- if [[ "$#" -ge 1 ]]; then
- exec ${pkgs.rootston}/bin/rootston "$@"
- else
- ${cfg.extraSessionCommands}
- exec ${pkgs.rootston}/bin/rootston -C ${cfg.configFile}
- fi
- '';
-in {
- options.programs.rootston = {
- enable = mkEnableOption ''
- rootston, the reference compositor for wlroots. The purpose of rootston
- is to test and demonstrate the features of wlroots (if you want a real
- Wayland compositor you should e.g. use Sway instead). You can manually
- start the compositor by running "rootston" from a terminal'';
-
- extraSessionCommands = mkOption {
- type = types.lines;
- default = "";
- example = ''
- # Define a keymap (US QWERTY is the default)
- export XKB_DEFAULT_LAYOUT=de,us
- export XKB_DEFAULT_VARIANT=nodeadkeys
- export XKB_DEFAULT_OPTIONS=grp:alt_shift_toggle,caps:escape
- '';
- description = ''
- Shell commands executed just before rootston is started.
- '';
- };
-
- extraPackages = mkOption {
- type = with types; listOf package;
- default = with pkgs; [
- westonLite xwayland rofi
- ];
- defaultText = literalExample ''
- with pkgs; [
- westonLite xwayland rofi
- ]
- '';
- example = literalExample "[ ]";
- description = ''
- Extra packages to be installed system wide.
- '';
- };
-
- config = mkOption {
- type = types.str;
- default = ''
- [keyboard]
- meta-key = Logo
-
- # Sway/i3 like Keybindings
- # Maps key combinations with commands to execute
- # Commands include:
- # - "exit" to stop the compositor
- # - "exec" to execute a shell command
- # - "close" to close the current view
- # - "next_window" to cycle through windows
- [bindings]
- Logo+Shift+e = exit
- Logo+q = close
- Logo+m = maximize
- Alt+Tab = next_window
- Logo+Return = exec weston-terminal
- Logo+d = exec rofi -show run
- '';
- description = ''
- Default configuration for rootston (used when called without any
- parameters).
- '';
- };
-
- configFile = mkOption {
- type = types.path;
- default = "/etc/rootston.ini";
- example = literalExample "${pkgs.rootston}/etc/rootston.ini";
- description = ''
- Path to the default rootston configuration file (the "config" option
- will have no effect if you change the path).
- '';
- };
- };
-
- config = mkIf cfg.enable {
- environment.etc."rootston.ini".text = cfg.config;
- environment.systemPackages = [ rootstonWrapped ] ++ cfg.extraPackages;
-
- hardware.opengl.enable = mkDefault true;
- fonts.enableDefaultFonts = mkDefault true;
- programs.dconf.enable = mkDefault true;
- };
-
- meta.maintainers = with lib.maintainers; [ primeos gnidorah ];
-}
diff --git a/nixos/modules/programs/shell.nix b/nixos/modules/programs/shell.nix
index 944a8bdf16fc..9842e2bef643 100644
--- a/nixos/modules/programs/shell.nix
+++ b/nixos/modules/programs/shell.nix
@@ -8,18 +8,12 @@ with lib;
config = {
- environment.shellAliases =
- { ls = "ls --color=tty";
- ll = "ls -l";
- l = "ls -alh";
- };
-
environment.shellInit =
''
# Set up the per-user profile.
mkdir -m 0755 -p "$NIX_USER_PROFILE_DIR"
if [ "$(stat --printf '%u' "$NIX_USER_PROFILE_DIR")" != "$(id -u)" ]; then
- echo "WARNING: bad ownership on $NIX_USER_PROFILE_DIR, should be $(id -u)" >&2
+ echo "WARNING: the per-user profile dir $NIX_USER_PROFILE_DIR should belong to user id $(id -u)" >&2
fi
if [ -w "$HOME" ]; then
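Review bot: The ownership check on `$NIX_USER_PROFILE_DIR` still only prints a warning, and the script carries on to the `if [ -w "$HOME" ]` setup with a directory that may belong to another user; the same holds for the `$NIX_USER_GCROOTS_DIR` check in the next hunk. Rewording the message does not change that behaviour. If continuing is deliberate, a comment such as `# Only warn: the steps below still use this directory even when another user owns it` would record the decision; otherwise the later steps that rely on the directory should be skipped when the owner differs. The rest of `shellInit` is outside the hunk, so how the directory is used afterwards needs checking there.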
@@ -41,7 +35,7 @@ with lib;
NIX_USER_GCROOTS_DIR="/nix/var/nix/gcroots/per-user/$USER"
mkdir -m 0755 -p "$NIX_USER_GCROOTS_DIR"
if [ "$(stat --printf '%u' "$NIX_USER_GCROOTS_DIR")" != "$(id -u)" ]; then
- echo "WARNING: bad ownership on $NIX_USER_GCROOTS_DIR, should be $(id -u)" >&2
+ echo "WARNING: the per-user gcroots dir $NIX_USER_GCROOTS_DIR should belong to user id $(id -u)" >&2
fi
# Set up a default Nix expression from which to install stuff.
diff --git a/nixos/modules/programs/singularity.nix b/nixos/modules/programs/singularity.nix
index 86153d933855..b27e122bd1d9 100644
--- a/nixos/modules/programs/singularity.nix
+++ b/nixos/modules/programs/singularity.nix
@@ -3,18 +3,27 @@
with lib;
let
cfg = config.programs.singularity;
+ singularity = pkgs.singularity.overrideAttrs (attrs : {
+ installPhase = attrs.installPhase + ''
+ mv $bin/libexec/singularity/bin/starter-suid $bin/libexec/singularity/bin/starter-suid.orig
+ ln -s /run/wrappers/bin/singularity-suid $bin/libexec/singularity/bin/starter-suid
+ '';
+ });
in {
options.programs.singularity = {
enable = mkEnableOption "Singularity";
};
config = mkIf cfg.enable {
- environment.systemPackages = [ pkgs.singularity ];
- systemd.tmpfiles.rules = [ "d /var/singularity/mnt/session 0770 root root -"
- "d /var/singularity/mnt/final 0770 root root -"
- "d /var/singularity/mnt/overlay 0770 root root -"
- "d /var/singularity/mnt/container 0770 root root -"
- "d /var/singularity/mnt/source 0770 root root -"];
+ environment.systemPackages = [ singularity ];
+ security.wrappers.singularity-suid.source = "${singularity}/libexec/singularity/bin/starter-suid.orig";
+ systemd.tmpfiles.rules = [
+ "d /var/singularity/mnt/session 0770 root root -"
+ "d /var/singularity/mnt/final 0770 root root -"
+ "d /var/singularity/mnt/overlay 0770 root root -"
+ "d /var/singularity/mnt/container 0770 root root -"
+ "d /var/singularity/mnt/source 0770 root root -"
+ ];
};
}
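Review bot: The symlink target `/run/wrappers/bin/singularity-suid` is hard-coded in the overridden `installPhase`, so the package silently points at nothing if the wrapper directory is configured differently; `ln -s ${config.security.wrapperDir}/singularity-suid $bin/libexec/singularity/bin/starter-suid` keeps the two in step. The `security.wrappers.singularity-suid` entry sets only `source`, so it presumably falls back to the wrapper defaults (a setuid-root helper, to be confirmed), which `mkEnableOption "Singularity"` does not mention. The option text should state that enabling the module installs a setuid starter usable by local users.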
diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix
index cc398174e6ce..46965dd35b71 100644
--- a/nixos/modules/programs/ssh.nix
+++ b/nixos/modules/programs/ssh.nix
@@ -88,7 +88,8 @@ in
type = types.lines;
default = "";
description = ''
- Extra configuration text appended to <filename>ssh_config</filename>.
+ Extra configuration text prepended to <filename>ssh_config</filename>. Other generated
+ options will be added after a <code>Host *</code> pattern.
See <citerefentry><refentrytitle>ssh_config</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for help.
'';
@@ -167,16 +168,16 @@ in
The set of system-wide known SSH hosts.
'';
example = literalExample ''
- [
- {
+ {
+ myhost = {
hostNames = [ "myhost" "myhost.mydomain.com" "10.10.1.4" ];
publicKeyFile = ./pubkeys/myhost_ssh_host_dsa_key.pub;
- }
- {
+ };
+ myhost2 = {
hostNames = [ "myhost2" ];
publicKeyFile = ./pubkeys/myhost2_ssh_host_dsa_key.pub;
- }
- ]
+ };
+ }
'';
};
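Review bot: The restructured example still points at `*_ssh_host_dsa_key.pub` files, and DSA host keys have been disabled by default in OpenSSH since 7.0, so the example steers readers toward a key type they should not deploy. While the example is being rewritten anyway, the file names could become `./pubkeys/myhost_ssh_host_ed25519_key.pub` and `./pubkeys/myhost2_ssh_host_ed25519_key.pub`. The option declaration itself starts outside the hunk.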
@@ -203,6 +204,11 @@ in
# generation in the sshd service.
environment.etc."ssh/ssh_config".text =
''
+ # Custom options from `ex