From 879d01ac2e78656ee85c3c9ed1a56b1b10e623bd Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Fri, 23 Feb 2024 18:14:25 +0000
Subject: [PATCH] modules/ssh: note that theres a better store to place the ssh
 host_keys in

---
 modules/ssh.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/ssh.nix b/modules/ssh.nix
index f24bbf5ca..a87c42a49 100644
--- a/modules/ssh.nix
+++ b/modules/ssh.nix
@@ -69,6 +69,7 @@ in
     sane.persist.sys.byStore.plaintext = [ "/etc/ssh/host_keys" ];
     # N.B.: use the plaintext `backing` dir instead of proper persistence, because this needs to be available
     # during activation time (see /etc/machine-id and setupSecretsForUsers activation script).
+    # TODO: this should go in the same dir as `/var/log`, then. i.e. `stores.initrd` (but rename to `stores.early`).
     environment.etc."ssh/host_keys".source = let
       plaintextBacking = config.sane.fs."${config.sane.persist.stores.plaintext.origin}".mount.bind;
     in "${plaintextBacking}/etc/ssh/host_keys";