From 886cde88d568390d22387665404fcdf182d16baa Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Wed, 30 Jun 2021 15:28:48 -0400
Subject: [PATCH] small comment about ssh config

---
 nixos/modules/deployment.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/nixos/modules/deployment.nix b/nixos/modules/deployment.nix
index aa2d1d39..4b03ff34 100755
--- a/nixos/modules/deployment.nix
+++ b/nixos/modules/deployment.nix
@@ -8,6 +8,9 @@ let
   # execute a certain command *only*.
   restrictedKey =
     { authorizedKey, command, gridName }:
+    # `restrict` means "disable all the things" then `command` means "but
+    # enable running this one command" (the client does not have to supply the
+    # command; if they authenticate, this is the command that will run).
     "restrict,command=\"${command} ${gridName}\" ${authorizedKey}";
 in {
   options = {
-- 
GitLab