summary refs log tree commit diff
path: root/gnu/services/ssh.scm
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2017-07-30 16:03:43 +0200
committerLudovic Courtès <ludo@gnu.org>2017-07-30 16:23:19 +0200
commit1398a43816011c435fb6723154dbf1d3414b5b3d (patch)
tree8d620776214b52974d7d172644d8bbdd8d48245a /gnu/services/ssh.scm
parent4892eb7c6a21416f3a18e18ca17984e2b66050ad (diff)
downloadguix-1398a43816011c435fb6723154dbf1d3414b5b3d.tar.gz
services: openssh: Extensions provide extra authorized keys.
* gnu/services/ssh.scm (extend-openssh-authorized-keys): New procedure.
(openssh-service-type)[compose, extend]: New fields.
* doc/guix.texi (Networking Services): Document the extension.
Diffstat (limited to 'gnu/services/ssh.scm')
-rw-r--r--gnu/services/ssh.scm10
1 files changed, 10 insertions, 0 deletions
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 08635af16d..697bb1b82e 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -29,6 +29,7 @@
   #:use-module (guix gexp)
   #:use-module (guix records)
   #:use-module (guix modules)
+  #:use-module (srfi srfi-1)
   #:use-module (srfi srfi-26)
   #:use-module (ice-9 match)
   #:export (lsh-configuration
@@ -450,6 +451,13 @@ of user-name/file-like tuples."
          #:allow-empty-passwords?
          (openssh-configuration-allow-empty-passwords? config))))
 
+(define (extend-openssh-authorized-keys config keys)
+  "Extend CONFIG with the extra authorized keys listed in KEYS."
+  (openssh-configuration
+   (inherit config)
+   (authorized-keys
+    (append (openssh-authorized-keys config) keys))))
+
 (define openssh-service-type
   (service-type (name 'openssh)
                 (extensions
@@ -461,6 +469,8 @@ of user-name/file-like tuples."
                                           openssh-activation)
                        (service-extension account-service-type
                                           (const %openssh-accounts))))
+                (compose concatenate)
+                (extend extend-openssh-authorized-keys)
                 (default-value (openssh-configuration))))