From f3f8e43a670b2f8e745ef93b4f6d04ca9cf8d4c5 Mon Sep 17 00:00:00 2001
From: Soispha <soispha@vhack.eu>
Date: Tue, 4 Jul 2023 21:36:35 +0200
Subject: Fix(system/services/openssh): Set correct permissions on ssh dir

---
 system/file_system_layouts/impermanence.nix | 6 ++++++
 system/services/openssh/default.nix         | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

(limited to 'system')

diff --git a/system/file_system_layouts/impermanence.nix b/system/file_system_layouts/impermanence.nix
index 7e8a659..69af468 100644
--- a/system/file_system_layouts/impermanence.nix
+++ b/system/file_system_layouts/impermanence.nix
@@ -13,6 +13,12 @@
           group = "nix-sync";
           mode = "0700";
         }
+        {
+          directory = "/var/lib/sshd";
+          user = "root";
+          group = "root";
+          mode = "0700";
+        }
       ];
       files = [
         "/etc/machine-id"
diff --git a/system/services/openssh/default.nix b/system/services/openssh/default.nix
index 1bb37ee..8b28cbd 100644
--- a/system/services/openssh/default.nix
+++ b/system/services/openssh/default.nix
@@ -4,7 +4,7 @@
     settings.PasswordAuthentication = false;
     hostKeys = [
       {
-        path = "/srv/sshd/ssh_host_ed25519_key";
+        path = "/var/lib/sshd/ssh_host_ed25519_key";
         rounds = 1000;
         type = "ed25519";
       }
-- 
cgit 1.4.1