From a6fa19293d46a2b398c008ea7e03c2827b1d6f06 Mon Sep 17 00:00:00 2001 From: Felix Stupp Date: Fri, 6 Sep 2024 13:28:02 +0000 Subject: [PATCH] improvedDef/sshAuth: avoid root auth warning on installers too --- nix/nixos-modules/improvedDefaults/sshAuthorize.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/nix/nixos-modules/improvedDefaults/sshAuthorize.nix b/nix/nixos-modules/improvedDefaults/sshAuthorize.nix index c24e089..693664f 100644 --- a/nix/nixos-modules/improvedDefaults/sshAuthorize.nix +++ b/nix/nixos-modules/improvedDefaults/sshAuthorize.nix @@ -53,6 +53,8 @@ in isRootAuthed = isUserAuthed users."root"; doRootAuth = !isNonRootAuthed; otherUserExists = nonRootUsers != [ ]; + # explicit installer check required because installer set ups user "nixos" for installation + isInstaller = config.system.nixos.variant_id == "installer"; in { @@ -66,7 +68,7 @@ in # warn only if other users exist -> multi-user machine # compared to "root"-only systems (e.g. installer, embedded systems) - warnings = lib.mkIf (doRootAuth && otherUserExists) [ + warnings = lib.mkIf (doRootAuth && otherUserExists && !isInstaller) [ '' root’s authorized keys were automatically configured because no other user with wheel permission has authorized keys configured