Skip to content

Commit d9ac3ba

Browse files
talyztalyz
committed
nixos/ec2-data: sshd.service -> sshd-keygen.service
SSH key generation was split out into its own systemd service in NixOS#372979, but dependent service definitions weren't updated. The `apply-ec2-data` service needs to run before SSH key generation, as it fetches host keys defined in ec2 user data and these keys should take priority over generating new ones. Currently, the ordering doesn't specify which should run first of `apply-ec2-data` and `sshd-keygen`; in practice it seems that `sshd-keygen` often wins the race, though. Update the dependencies so that `apply-ec2-data` always runs first.
1 parent 874fb70 commit d9ac3ba

1 file changed

Lines changed: 3 additions & 3 deletions

File tree

nixos/modules/virtualisation/ec2-data.nix

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,9 +23,9 @@ with lib;
2323

2424
wantedBy = [
2525
"multi-user.target"
26-
"sshd.service"
26+
"sshd-keygen.service"
2727
];
28-
before = [ "sshd.service" ];
28+
before = [ "sshd-keygen.service" ];
2929
after = [ "fetch-ec2-metadata.service" ];
3030

3131
path = [ pkgs.iproute2 ];
@@ -80,7 +80,7 @@ with lib;
8080
systemd.services.print-host-key = {
8181
description = "Print SSH Host Key";
8282
wantedBy = [ "multi-user.target" ];
83-
after = [ "sshd.service" ];
83+
after = [ "sshd-keygen.service" ];
8484
script = ''
8585
# Print the host public key on the console so that the user
8686
# can obtain it securely by parsing the output of

0 commit comments

Comments
 (0)