Merge pull request #275633 from chreekat/b/sshd-config-check

sshd: Use top-level ports in config check when needed
2024-01-03 16:25:08 +01:00 · 2024-01-03 16:25:08 +01:00 · cfd8c0ddd8
commit cfd8c0ddd8
parent 6e39c24da4 e797aaea0b
1 changed files with 5 additions and 1 deletions
--- a/nixos/modules/services/networking/ssh/sshd.nix
+++ b/nixos/modules/services/networking/ssh/sshd.nix
@ -674,7 +674,11 @@ in
          (lport: "sshd -G -T -C lport=${toString lport} -f ${sshconf} > /dev/null")
          cfg.ports}
        ${concatMapStringsSep "\n"
-          (la: "sshd -G -T -C ${escapeShellArg "laddr=${la.addr},lport=${toString la.port}"} -f ${sshconf} > /dev/null")
+          (la:
+            concatMapStringsSep "\n"
+              (port: "sshd -G -T -C ${escapeShellArg "laddr=${la.addr},lport=${toString port}"} -f ${sshconf} > /dev/null")
+              (if la.port != null then [ la.port ] else cfg.ports)
+          )
          cfg.listenAddresses}
        touch $out
      '')