From 1ff38bf6c69fd68cbf4e158a96cd8c97d6cf305d Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 16 Mar 2016 01:17:07 +0100 Subject: krebs lib += optionalTrace --- krebs/4lib/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'krebs/4lib') diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix index deac02bb..e984614a 100644 --- a/krebs/4lib/default.nix +++ b/krebs/4lib/default.nix @@ -17,7 +17,7 @@ let out = rec { types = import ./types.nix { inherit config; - lib = lib // { inherit genid; }; + lib = lib // { inherit genid optionalTrace; }; }; dir.has-default-nix = path: pathExists (path + "/default.nix"); @@ -44,4 +44,6 @@ let out = rec { mapAttrValues = f: mapAttrs (_: f); setAttr = name: value: set: set // { ${name} = value; }; + optionalTrace = c: msg: x: if c then trace msg x else x; + }; in out -- cgit v1.2.3 From fb82aa8f34977de004df09d9e76c506557235d15 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 16 Mar 2016 01:19:27 +0100 Subject: krebs types.host.ssh.pubkeys: trace only own missing keys --- krebs/4lib/types.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs/4lib') diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix index 839a1a92..334a94c3 100644 --- a/krebs/4lib/types.nix +++ b/krebs/4lib/types.nix @@ -6,7 +6,7 @@ with types; let # Inherited attributes are used in submodules that have their own `config`. - inherit (config.krebs) users; + inherit (config.krebs) build users; in types // rec { @@ -50,9 +50,9 @@ types // rec { type = nullOr str; default = null; apply = x: - if x != null - then x - else trace "The option `krebs.hosts.${config.name}.ssh.pubkey' is unused." null; + optionalTrace (x == null && config.owner.name == build.user.name) + "The option `krebs.hosts.${config.name}.ssh.pubkey' is unused." + x; }; ssh.privkey = mkOption { type = nullOr (submodule { -- cgit v1.2.3 From e6657cd46a6b97153f80006144fe6293f715bb7d Mon Sep 17 00:00:00 2001 
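Review bot: The trace text in the new `apply` of `ssh.pubkey` still ends in "is unused.", but the condition that fires it is `x == null`, i.e. the key is not set; ending the message in "is not set." would match what is checked. With the added `config.owner.name == build.user.name` guard, hosts owned by anyone else now evaluate to `null` with no message at all, so whatever consumes `ssh.pubkey` (not visible in this hunk) has to handle `null` explicitly instead of relying on the warning to surface a missing host key. A comment above `apply` would make that intent visible, e.g. `# warn only for hosts owned by the building user; other owners' missing keys stay silent`.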
From: tv Date: Wed, 16 Mar 2016 01:52:34 +0100 Subject: krebs lib += getAttrDef --- krebs/4lib/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/4lib') diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix index e984614a..585bd313 100644 --- a/krebs/4lib/default.nix +++ b/krebs/4lib/default.nix @@ -41,6 +41,7 @@ let out = rec { mapAttrs (name: _: path + "/${name}") (filterAttrs (_: eq "directory") (readDir path)); + getAttrDef = name: set: set.${name} or set.default or null; mapAttrValues = f: mapAttrs (_: f); setAttr = name: value: set: set // { ${name} = value; }; -- cgit v1.2.3 From 444d85ea86d150c4257781605ed372357cda2e18 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 16 Mar 2016 01:54:49 +0100 Subject: krebs types += ssh-{priv,pub}key --- krebs/4lib/types.nix | 44 +++++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 21 deletions(-) (limited to 'krebs/4lib') diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix index 334a94c3..ed6ae9e4 100644 --- a/krebs/4lib/types.nix +++ b/krebs/4lib/types.nix @@ -47,7 +47,7 @@ types // rec { }; ssh.pubkey = mkOption { - type = nullOr str; + type = nullOr ssh-pubkey; default = null; apply = x: optionalTrace (x == null && config.owner.name == build.user.name) @@ -55,25 +55,7 @@ types // rec { x; }; ssh.privkey = mkOption { - type = nullOr (submodule { - options = { - bits = mkOption { - type = nullOr (enum ["4096"]); - default = null; - }; - path = mkOption { - type = either path str; - apply = x: { - path = toString x; - string = x; - }.${typeOf x}; - }; - type = mkOption { - type = enum ["rsa" "ed25519"]; - default = "ed25519"; - }; - }; - }); + type = nullOr ssh-privkey; default = null; }; }; @@ -184,7 +166,7 @@ types // rec { default = config._module.args.name; }; pubkey = mkOption { - type = nullOr str; + type = nullOr ssh-pubkey; default = null; }; uid = mkOption { 
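Review bot: `getAttrDef` has no comment, and its lookup order is easy to miss: a `name` that is absent from `set` silently resolves to `set.default`, and to `null` when that is missing too. For key material this means a misspelled key name yields a different key (or none) without any evaluation error, so callers should check the result rather than assume they received the key they asked for. I would add `# set.${name}, else set.default, else null; never fails, so callers must handle the fallback and null` above the definition.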
@@ -198,6 +180,26 @@ types // rec { addr = str; addr4 = str; addr6 = str; + ssh-pubkey = str; + ssh-privkey = submodule { + options = { + bits = mkOption { + type = nullOr (enum ["4096"]); + default = null; + }; + path = mkOption { + type = either path str; + apply = x: { + path = toString x; + string = x; + }.${typeOf x}; + }; + type = mkOption { + type = enum ["rsa" "ed25519"]; + default = "ed25519"; + }; + }; + }; krebs.file-location = types.submodule { options = { -- cgit v1.2.3 From 9d16ea61451aff36963cef3610ac8d51ed0b488b Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 16 Mar 2016 01:57:03 +0100 Subject: krebs types += pgp-pubkey, user.pgp.pubkey --- krebs/4lib/types.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'krebs/4lib') diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix index ed6ae9e4..11298444 100644 --- a/krebs/4lib/types.nix +++ b/krebs/4lib/types.nix @@ -165,6 +165,16 @@ types // rec { type = username; default = config._module.args.name; }; + pgp.pubkeys = mkOption { + type = attrsOf pgp-pubkey; + default = {}; + description = '' + Set of user's PGP public keys. + + Modules supporting PGP may use well-known key names to define option + defaults, e.g. using `getAttrDef well-known-name pubkeys`. + ''; + }; pubkey = mkOption { type = nullOr ssh-pubkey; default = null; @@ -180,6 +190,9 @@ types // rec { addr = str; addr4 = str; addr6 = str; + + pgp-pubkey = str; + ssh-pubkey = str; ssh-privkey = submodule { options = { -- cgit v1.2.3 From 20afe7b9aeb5d523e10a0d5c597b8c1656bca58e Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 16 Mar 2016 02:04:22 +0100 Subject: krebs types += tinc-pubkey --- krebs/4lib/types.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'krebs/4lib') diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix index 11298444..32d1daf9 100644 --- a/krebs/4lib/types.nix +++ b/krebs/4lib/types.nix 
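Review bot: `ssh-pubkey = str;` gives the option a name but no check, so any string passes, including a multi-line value or a private key pasted by mistake; the `pgp-pubkey` and `tinc-pubkey` aliases added later in this series have the same gap. If these values end up written into key files (the consumers are not visible here), a format check at the type is cheap, e.g. `ssh-pubkey = addCheck str (x: builtins.match "ssh-(rsa|ed25519) [A-Za-z0-9+/=]+( [^\n]*)?" x != null);`, with the alternation extended to whatever key types the repository actually uses. In `ssh-privkey.path`, the `toString x` branch deserves a comment such as `# toString keeps a path value as a plain string; interpolating it would copy the private key into the Nix store`.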
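Review bot: The `pgp.pubkeys` description does not say what a value holds (an ASCII-armored key block, a fingerprint, a key ID), and `pgp-pubkey = str` cannot tell a reader either. It also refers to well-known key names without listing any, while `getAttrDef` gives the name `default` a special role. I would extend the description with one sentence on the expected value format and one on the fallback, e.g. `The entry named "default" is used when a well-known name is not defined.`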
@@ -111,7 +111,7 @@ types // rec { ); }; pubkey = mkOption { - type = str; + type = tinc-pubkey; }; }; })); @@ -214,6 +214,8 @@ types // rec { }; }; + tinc-pubkey = str; + krebs.file-location = types.submodule { options = { # TODO user -- cgit v1.2.3