authortv <tv@krebsco.de>2016-02-21 07:18:13 +0100
committertv <tv@krebsco.de>2016-02-21 07:18:13 +0100
commite3ddf995e92985ee14dab5735ac55045c166aaaf (patch)
treef78776a57ce561e88950228cb2110d7372d11d94
parent05be525be6d0896b155da7305b2cee950fb3530e (diff)
krebs types.secret-file: owner-name -> owner :: user
-rw-r--r--krebs/3modules/default.nix7
-rw-r--r--krebs/3modules/secret.nix2
-rw-r--r--krebs/4lib/types.nix10
-rw-r--r--tv/3modules/charybdis/default.nix4
-rw-r--r--tv/3modules/ejabberd/default.nix2
5 files changed, 19 insertions, 6 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index df1c7db6..7a343d33 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -104,6 +104,13 @@ let
retiolum = "hosts";
};
+ krebs.users.root = {
+ home = "/root";
+ name = "root";
+ pubkey = config.krebs.build.host.ssh.pubkey;
+ uid = 0;
+ };
+
networking.extraHosts = concatStringsSep "\n" (flatten (
mapAttrsToList (hostname: host:
mapAttrsToList (netname: net:
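Review bot: `pubkey = config.krebs.build.host.ssh.pubkey;` on the new `krebs.users.root` entry reuses the build host's SSH host key as the root user's key, which merges two identities that normally carry different trust. If any module outside this hunk derives authorized keys or access lists from a user's `pubkey`, the holder of the host private key would be accepted there as root, and the value changes with whichever host is being built. I would either leave `pubkey` unset, if the `user` type permits that, or state the intent next to it, e.g. `# root has no personal key; the host key stands in for this machine's root`. The enclosing attribute set starts and ends outside the hunk.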
diff --git a/krebs/3modules/secret.nix b/krebs/3modules/secret.nix
index 46802a66..579f375f 100644
--- a/krebs/3modules/secret.nix
+++ b/krebs/3modules/secret.nix
@@ -25,7 +25,7 @@ in {
--compare \
--verbose \
--mode=${shell.escape file.mode} \
- --owner=${shell.escape file.owner-name} \
+ --owner=${shell.escape file.owner.name} \
--group=${shell.escape file.group-name} \
${shell.escape file.source-path} \
${shell.escape file.path} \
diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix
index 42262729..7792b31d 100644
--- a/krebs/4lib/types.nix
+++ b/krebs/4lib/types.nix
@@ -147,8 +147,14 @@ types // rec {
options = {
path = mkOption { type = str; };
mode = mkOption { type = str; default = "0400"; };
- owner-name = mkOption { type = str; default = "root"; };
- group-name = mkOption { type = str; default = "root"; };
+ owner = mkOption {
+ type = user;
+ default = config.krebs.users.root;
+ };
+ group-name = mkOption {
+ type = str;
+ default = "root";
+ };
source-path = mkOption {
type = str;
default = toString <secrets> + "/${config._module.args.name}";
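Review bot: The new `owner` option has no `description`, and its contract is not obvious from the type: the install-style command in secret.nix reads only `file.owner.name`, so the `uid`, `home` and `pubkey` of the user value are ignored and the account has to exist under that name on the target. I would add `description = "User that owns the installed secret; only its name is used, and it must exist on the target host.";`. `group-name` remains a free-form `str` defaulting to "root", so it does not follow `owner`; with the default mode 0400 this changes nothing, but a caller that grants group read must remember to override `group-name` separately. The options set continues outside the hunk.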
diff --git a/tv/3modules/charybdis/default.nix b/tv/3modules/charybdis/default.nix
index 87cb37ef..3af971cd 100644
--- a/tv/3modules/charybdis/default.nix
+++ b/tv/3modules/charybdis/default.nix
@@ -18,7 +18,7 @@ in {
type = types.secret-file;
default = {
path = "${cfg.user.home}/dh.pem";
- owner-name = "charybdis";
+ owner = cfg.user;
source-path = toString <secrets> + "/charybdis.dh.pem";
};
};
@@ -26,7 +26,7 @@ in {
type = types.secret-file;
default = {
path = "${cfg.user.home}/ssl.key.pem";
- owner-name = "charybdis";
+ owner = cfg.user;
source-path = toString <secrets> + "/charybdis.key.pem";
};
};
diff --git a/tv/3modules/ejabberd/default.nix b/tv/3modules/ejabberd/default.nix
index da108eb5..95ea24be 100644
--- a/tv/3modules/ejabberd/default.nix
+++ b/tv/3modules/ejabberd/default.nix
@@ -7,7 +7,7 @@ in {
type = types.secret-file;
default = {
path = "${cfg.user.home}/ejabberd.pem";
- owner-name = "ejabberd";
+ owner = cfg.user;
source-path = toString <secrets> + "/ejabberd.pem";
};
};