diff options
Diffstat (limited to 'krebs/4lib')
| -rw-r--r-- | krebs/4lib/default.nix | 5 | ||||
| -rw-r--r-- | krebs/4lib/types.nix | 69 |
2 files changed, 47 insertions, 27 deletions
diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix index deac02bb..585bd313 100644 --- a/krebs/4lib/default.nix +++ b/krebs/4lib/default.nix @@ -17,7 +17,7 @@ let out = rec { types = import ./types.nix { inherit config; - lib = lib // { inherit genid; }; + lib = lib // { inherit genid optionalTrace; }; }; dir.has-default-nix = path: pathExists (path + "/default.nix"); @@ -41,7 +41,10 @@ let out = rec { mapAttrs (name: _: path + "/${name}") (filterAttrs (_: eq "directory") (readDir path)); + getAttrDef = name: set: set.${name} or set.default or null; mapAttrValues = f: mapAttrs (_: f); setAttr = name: value: set: set // { ${name} = value; }; + optionalTrace = c: msg: x: if c then trace msg x else x; + }; in out diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix index 839a1a92..32d1daf9 100644 --- a/krebs/4lib/types.nix +++ b/krebs/4lib/types.nix @@ -6,7 +6,7 @@ with types; let # Inherited attributes are used in submodules that have their own `config`. - inherit (config.krebs) users; + inherit (config.krebs) build users; in types // rec { @@ -47,33 +47,15 @@ types // rec { }; ssh.pubkey = mkOption { - type = nullOr str; + type = nullOr ssh-pubkey; default = null; apply = x: - if x != null - then x - else trace "The option `krebs.hosts.${config.name}.ssh.pubkey' is unused." null; + optionalTrace (x == null && config.owner.name == build.user.name) + "The option `krebs.hosts.${config.name}.ssh.pubkey' is unused." + x; }; ssh.privkey = mkOption { - type = nullOr (submodule { - options = { - bits = mkOption { - type = nullOr (enum ["4096"]); - default = null; - }; - path = mkOption { - type = either path str; - apply = x: { - path = toString x; - string = x; - }.${typeOf x}; - }; - type = mkOption { - type = enum ["rsa" "ed25519"]; - default = "ed25519"; - }; - }; - }); + type = nullOr ssh-privkey; default = null; }; }; @@ -129,7 +111,7 @@ types // rec { ); }; pubkey = mkOption { - type = str; + type = tinc-pubkey; }; }; })); @@ -183,8 +165,18 @@ types // rec { type = username; default = config._module.args.name; }; + pgp.pubkeys = mkOption { + type = attrsOf pgp-pubkey; + default = {}; + description = '' + Set of user's PGP public keys. + + Modules supporting PGP may use well-known key names to define option + defaults, e.g. using `getAttrDef well-known-name pubkeys`. + ''; + }; pubkey = mkOption { - type = nullOr str; + type = nullOr ssh-pubkey; default = null; }; uid = mkOption { @@ -199,6 +191,31 @@ types // rec { addr4 = str; addr6 = str; + pgp-pubkey = str; + + ssh-pubkey = str; + ssh-privkey = submodule { + options = { + bits = mkOption { + type = nullOr (enum ["4096"]); + default = null; + }; + path = mkOption { + type = either path str; + apply = x: { + path = toString x; + string = x; + }.${typeOf x}; + }; + type = mkOption { + type = enum ["rsa" "ed25519"]; + default = "ed25519"; + }; + }; + }; + + tinc-pubkey = str; + krebs.file-location = types.submodule { options = { # TODO user |