@end example
See below for details about @code{openssh-configuration}.
+
+This service can be extended with extra authorized keys, as in this
+example:
+
+@example
+(service-extension openssh-service-type
+ (const `(("charlie"
+ ,(local-file "charlie.pub")))))
+@end example
@end deffn
@deftp {Data Type} openssh-configuration
registers the specified public keys for user accounts @code{rekado},
@code{chris}, and @code{root}.
+Additional authorized keys can be specified @i{via}
+@code{service-extension}.
+
Note that this does @emph{not} interfere with the use of
@file{~/.ssh/authorized_keys}.
@end table
#:use-module (guix gexp)
#:use-module (guix records)
#:use-module (guix modules)
+ #:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:use-module (ice-9 match)
#:export (lsh-configuration
#:allow-empty-passwords?
(openssh-configuration-allow-empty-passwords? config))))
+(define (extend-openssh-authorized-keys config keys)
+ "Extend CONFIG with the extra authorized keys listed in KEYS."
+ (openssh-configuration
+ (inherit config)
+ (authorized-keys
+ (append (openssh-authorized-keys config) keys))))
+
(define openssh-service-type
(service-type (name 'openssh)
(extensions
openssh-activation)
(service-extension account-service-type
(const %openssh-accounts))))
+ (compose concatenate)
+ (extend extend-openssh-authorized-keys)
(default-value (openssh-configuration))))
\f
HCoop / jackhill / guix / guix.git / commitdiff