summaryrefslogtreecommitdiffstats
path: root/krebs/4lib
diff options
context:
space:
mode:
authortv <tv@shackspace.de>2015-09-27 15:24:41 +0200
committertv <tv@shackspace.de>2015-09-27 15:24:41 +0200
commitdc5299a07126e73b2040213cc1610f7368604213 (patch)
treed00905b474850ad934406ff9b0b5c34442f8366b /krebs/4lib
parentedd973f7735e7a7e9964f0ac7d75ab4ca20b80d9 (diff)
krebs: add hosts with ssh.pubkey to known hosts
Diffstat (limited to 'krebs/4lib')
-rw-r--r--krebs/4lib/types.nix34
1 files changed, 32 insertions, 2 deletions
diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix
index dbffdf850..a7df92084 100644
--- a/krebs/4lib/types.nix
+++ b/krebs/4lib/types.nix
@@ -1,11 +1,12 @@
{ lib, ... }:
+with builtins;
with lib;
with types;
types // rec {
- host = submodule {
+ host = submodule ({ config, ... }: {
options = {
name = mkOption {
type = label;
@@ -46,8 +47,25 @@ types // rec {
TODO define minimum requirements for secure hosts
'';
};
+
+ ssh.pubkey = mkOption {
+ type = nullOr str;
+ default = null;
+ apply = x:
+ if x != null
+ then x
+ else trace "The option `krebs.hosts.${config.name}.ssh.pubkey' is unused." null;
+ };
+ ssh.privkey = mkOption {
+ type = either path str;
+ apply = x: {
+ path = toString x;
+ string = x;
+ }.${typeOf x};
+ };
+
};
- };
+ });
net = submodule ({ config, ... }: {
options = {
@@ -71,6 +89,18 @@ types // rec {
aliases = mkOption {
# TODO nonEmptyListOf hostname
type = listOf hostname;
+ default = [];
+ };
+ ssh = mkOption {
+ type = submodule {
+ options = {
+ port = mkOption {
+ type = nullOr int;
+ default = null;
+ };
+ };
+ };
+ default = {};
};
tinc = mkOption {
type = let net-config = config; in nullOr (submodule ({ config, ... }: {