From 4c40eba8161d4afaa85984737c6f03adf861be7a Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 7 Feb 2016 15:58:49 +0100
Subject: krebs: add localhost to knownHosts

---
 krebs/3modules/default.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'krebs/3modules/default.nix')

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index e11d40a0..e4e5642c 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -155,7 +155,16 @@ let
         let inherit (config.krebs.build.host.ssh) privkey; in
         mkIf (privkey != null) (mkForce [privkey]);
 
+      # TODO use imports for merging
       services.openssh.knownHosts =
+        (let inherit (config.krebs.build.host.ssh) pubkey; in
+          optionalAttrs (pubkey != null) {
+            localhost = {
+              hostNames = ["localhost" "127.0.0.1" "::1"];
+              publicKey = pubkey;
+            };
+          })
+        //
         # GitHub's IPv4 address range is 192.30.252.0/22
         # Refs https://help.github.com/articles/what-ip-addresses-does-github-use-that-i-should-whitelist/
         # 192.30.252.0/22 = 192.30.252.0-192.30.255.255 (1024 addresses)
-- 
cgit v1.2.3