Thanks. Though that code causes "guix system: error: symlink: File
exists: "/etc/ssh"" when I use it, and by the looks of it, would still
be putting the key in the store, which is insecure.
On Sun, Dec 5, 2021 at 8:44 PM Gary Johnson <lambdatro...@disroot.org> wrote:
>
> Nathan Dehnel <ncdeh...@gmail.com> writes:
>
> > Thanks. I guess then I need to know how to put a file in /etc/ssh
> > without putting it in the store.
>
> To programmatically add a file to /etc, you can extend the
> etc-service-type in your operating-system's services field like so:
>
> ```
> (use-modules
> ((gnu services) #:select (simple-service etc-service-type))
> ((gnu services desktop) #:select (%desktop-services))
> ((gnu system) #:select (operating-system))
> ((guix gexp) #:select (local-file)))
>
> (define guixrig_host_rsa_key
> (local-file "ssh/guixrig_host_rsa_key" #:recursive? #t))
>
> (operating-system
> ...
> (services (cons* (simple-service 'my-secret-service etc-service-type
> `(("ssh/guixrig_host_rsa_key"
> ,guixrig_host_rsa_key)))
> %desktop-services)))
> ```
>
> Have fun and happy hacking!
> ~Gary
>
> --
> GPG Key ID: 7BC158ED
> Use `gpg --search-keys lambdatronic' to find me
> Protect yourself from surveillance: https://emailselfdefense.fsf.org
> =======================================================================
> () ascii ribbon campaign - against html e-mail
> /\ www.asciiribbon.org - against proprietary attachments
>
> Why is HTML email a security nightmare? See https://useplaintext.email/
>
> Please avoid sending me MS-Office attachments.
> See http://www.gnu.org/philosophy/no-word-attachments.html
