1 files changed, 59 insertions, 2 deletions

diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix
index f6b4bd8b..039f803e 100644
--- a/krebs/4lib/types.nix
+++ b/krebs/4lib/types.nix
@@ -1,11 +1,12 @@
 { lib, ... }:
 
+with builtins;
 with lib;
 with types;
 
 types // rec {
 
-  host = submodule {
+  host = submodule ({ config, ... }: {
     options = {
       name = mkOption {
         type = label;
@@ -27,6 +28,19 @@ types // rec {
         type = with types; attrsOf string;
       };
 
+      infest = {
+        addr = mkOption {
+          type = str;
+          apply = trace "Obsolete option `krebs.hosts.${config.name}.infest.addr' is used.  It was replaced by the `target' argument to `make` or `get`.  See Makefile for more information.";
+        };
+        port = mkOption {
+          type = int;
+          default = 22;
+          # TODO replacement: allow target with port, SSH-style: [lol]:666
+          apply = trace "Obsolete option `krebs.hosts.${config.name}.infest.port' is used.  It's gone without replacement.";
+        };
+      };
+
       secure = mkOption {
         type = bool;
         default = false;
@@ -36,8 +50,39 @@ types // rec {
           TODO define minimum requirements for secure hosts
         '';
       };
+
+      ssh.pubkey = mkOption {
+        type = nullOr str;
+        default = null;
+        apply = x:
+          if x != null
+            then x
+            else trace "The option `krebs.hosts.${config.name}.ssh.pubkey' is unused." null;
+      };
+      ssh.privkey = mkOption {
+        type = nullOr (submodule {
+          options = {
+            bits = mkOption {
+              type = nullOr (enum ["4096"]);
+              default = null;
+            };
+            path = mkOption {
+              type = either path str;
+              apply = x: {
+                path = toString x;
+                string = x;
+              }.${typeOf x};
+            };
+            type = mkOption {
+              type = enum ["rsa" "ed25519"];
+              default = "ed25519";
+            };
+          };
+        });
+        default = null;
+      };
     };
-  };
+  });
 
   net = submodule ({ config, ... }: {
     options = {
@@ -61,6 +106,18 @@ types // rec {
       aliases = mkOption {
         # TODO nonEmptyListOf hostname
         type = listOf hostname;
+        default = [];
+      };
+      ssh = mkOption {
+        type = submodule {
+          options = {
+            port = mkOption {
+              type = nullOr int;
+              default = null;
+            };
+          };
+        };
+        default = {};
       };
       tinc = mkOption {
         type = let net-config = config; in nullOr (submodule ({ config, ... }: {