2008-03-05 17:03:09 +01:00
|
|
|
{lsh, xauth, lib, nssModulesPath, lshdConfig}:
|
|
|
|
|
|
|
|
with builtins;
|
|
|
|
with lib;
|
|
|
|
|
|
|
|
{
|
|
|
|
name = "lshd";
|
|
|
|
|
|
|
|
job = with lshdConfig; ''
|
|
|
|
description "GNU lshd SSH2 daemon"
|
|
|
|
|
|
|
|
start on network-interfaces/started
|
|
|
|
stop on network-interfaces/stop
|
|
|
|
|
|
|
|
env LD_LIBRARY_PATH=${nssModulesPath}
|
|
|
|
|
|
|
|
start script
|
|
|
|
test -d /etc/lsh || mkdir -m 0755 -p /etc/lsh
|
|
|
|
test -d /var/spool/lsh || mkdir -m 0755 -p /var/spool/lsh
|
|
|
|
|
|
|
|
if ! test -f /var/spool/lsh/yarrow-seed-file
|
|
|
|
then
|
|
|
|
${lsh}/bin/lsh-make-seed -o /var/spool/lsh/yarrow-seed-file
|
|
|
|
fi
|
|
|
|
|
|
|
|
if ! test -f "${hostKey}"
|
|
|
|
then
|
|
|
|
${lsh}/bin/lsh-keygen --server | \
|
2008-07-23 16:13:27 +02:00
|
|
|
${lsh}/bin/lsh-writekey --server -o "${hostKey}"
|
2008-03-05 17:03:09 +01:00
|
|
|
fi
|
|
|
|
end script
|
|
|
|
|
|
|
|
respawn ${lsh}/sbin/lshd --daemonic \
|
|
|
|
-p ${toString portNumber} \
|
|
|
|
${if interfaces == [] then ""
|
|
|
|
else (concatStrings (map (i: "--interface=\"${i}\"")
|
|
|
|
interfaces))} \
|
|
|
|
-h "${hostKey}" \
|
|
|
|
${if !syslog then "--no-syslog" else ""} \
|
2008-07-08 09:24:28 +02:00
|
|
|
${if passwordAuthentication then "--password" else "--no-password" } \
|
|
|
|
${if publicKeyAuthentication then "--publickey" else "--no-publickey" } \
|
|
|
|
${if rootLogin then "--root-login" else "--no-root-login" } \
|
2008-03-05 17:03:09 +01:00
|
|
|
${if loginShell != null then "--login-shell=\"${loginShell}\"" else "" } \
|
2008-07-08 09:24:28 +02:00
|
|
|
${if srpKeyExchange then "--srp-keyexchange" else "--no-srp-keyexchange" } \
|
2008-03-05 17:03:09 +01:00
|
|
|
${if !tcpForwarding then "--no-tcpip-forward" else "--tcpip-forward"} \
|
|
|
|
${if x11Forwarding then "--x11-forward" else "--no-x11-forward" } \
|
|
|
|
--subsystems=${concatStringsSep ","
|
|
|
|
(map (pair: (head pair) + "=" +
|
|
|
|
(head (tail pair)))
|
2008-07-23 16:13:27 +02:00
|
|
|
subsystems)}
|
2008-03-05 17:03:09 +01:00
|
|
|
'';
|
|
|
|
|
|
|
|
}
|