nixos: use types.enum instead of ad-hoc check in sshd service
This commit is contained in:
parent
dc4fa2da8a
commit
5c6d86540b
1 changed files with 2 additions and 11 deletions
|
@ -9,12 +9,6 @@ let
|
|||
|
||||
nssModulesPath = config.system.nssModules.path;
|
||||
|
||||
permitRootLoginCheck = v:
|
||||
v == "yes" ||
|
||||
v == "without-password" ||
|
||||
v == "forced-commands-only" ||
|
||||
v == "no";
|
||||
|
||||
knownHosts = map (h: getAttr h cfg.knownHosts) (attrNames cfg.knownHosts);
|
||||
|
||||
knownHostsText = flip (concatMapStringsSep "\n") knownHosts
|
||||
|
@ -116,12 +110,9 @@ in
|
|||
|
||||
permitRootLogin = mkOption {
|
||||
default = "without-password";
|
||||
type = types.addCheck types.str permitRootLoginCheck;
|
||||
type = types.enum ["yes" "without-password" "forced-commands-only" "no"];
|
||||
description = ''
|
||||
Whether the root user can login using ssh. Valid values are
|
||||
<literal>yes</literal>, <literal>without-password</literal>,
|
||||
<literal>forced-commands-only</literal> or
|
||||
<literal>no</literal>.
|
||||
Whether the root user can login using ssh.
|
||||
'';
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in a new issue