diff options
author | tv <tv@shackspace.de> | 2015-09-27 15:24:41 +0200 |
---|---|---|
committer | tv <tv@shackspace.de> | 2015-09-27 15:24:41 +0200 |
commit | dc5299a07126e73b2040213cc1610f7368604213 (patch) | |
tree | d00905b474850ad934406ff9b0b5c34442f8366b /krebs/4lib | |
parent | edd973f7735e7a7e9964f0ac7d75ab4ca20b80d9 (diff) |
krebs: add hosts with ssh.pubkey to known hosts
Diffstat (limited to 'krebs/4lib')
-rw-r--r-- | krebs/4lib/types.nix | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix index dbffdf850..a7df92084 100644 --- a/krebs/4lib/types.nix +++ b/krebs/4lib/types.nix @@ -1,11 +1,12 @@ { lib, ... }: +with builtins; with lib; with types; types // rec { - host = submodule { + host = submodule ({ config, ... }: { options = { name = mkOption { type = label; @@ -46,8 +47,25 @@ types // rec { TODO define minimum requirements for secure hosts ''; }; + + ssh.pubkey = mkOption { + type = nullOr str; + default = null; + apply = x: + if x != null + then x + else trace "The option `krebs.hosts.${config.name}.ssh.pubkey' is unused." null; + }; + ssh.privkey = mkOption { + type = either path str; + apply = x: { + path = toString x; + string = x; + }.${typeOf x}; + }; + }; - }; + }); net = submodule ({ config, ... }: { options = { @@ -71,6 +89,18 @@ types // rec { aliases = mkOption { # TODO nonEmptyListOf hostname type = listOf hostname; + default = []; + }; + ssh = mkOption { + type = submodule { + options = { + port = mkOption { + type = nullOr int; + default = null; + }; + }; + }; + default = {}; }; tinc = mkOption { type = let net-config = config; in nullOr (submodule ({ config, ... }: { |