From 00bf2f79ccaa4509d1b2fd46e082c9986e0f5f5f Mon Sep 17 00:00:00 2001
From: Colin
Date: Sun, 25 Feb 2024 04:47:58 +0000
Subject: [PATCH] ssh: clean up /etc/ssh/host_keys persistence
---
 modules/ssh.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/modules/ssh.nix b/modules/ssh.nix
index a87c42a4..653cd516 100644
--- a/modules/ssh.nix
+++ b/modules/ssh.nix
@@ -66,7 +66,8 @@ in
 config = {
 # persist the host key.
- sane.persist.sys.byStore.plaintext = [ "/etc/ssh/host_keys" ];
+ # actually DON'T do it this way. else we compete with the /etc activation script and it triggers warnings on deploys.
+ # sane.persist.sys.byStore.plaintext = [ "/etc/ssh/host_keys" ];
 # N.B.: use the plaintext `backing` dir instead of proper persistence, because this needs to be available
 # during activation time (see /etc/machine-id and setupSecretsForUsers activation script).
 # TODO: this should go in the same dir as `/var/log`, then. i.e. `stores.initrd` (but rename to `stores.early`).
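Review bot: The `# persist the host key.` header now sits above only a commented-out assignment and more comments, so nothing in this hunk visibly persists `/etc/ssh/host_keys` any more; the mechanism that replaces it presumably follows the `N.B.` comment, outside the hunk. I would delete the dead line rather than comment it out and reword the header to say what is actually done, for example `# persist the host key via the plaintext backing dir, not sane.persist (that competes with the /etc activation script).` After deploying, it is worth confirming that the host key fingerprint is unchanged across a reboot, because a regenerated key gives every client a changed-host-key warning and weakens that warning as a signal of interception. The `config` block starts before the hunk and continues past its last line.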