diff --git a/src/nix/hive/options.nix b/src/nix/hive/options.nix index 95dcf1a..3f56642 100644 --- a/src/nix/hive/options.nix +++ b/src/nix/hive/options.nix @@ -1,18 +1,17 @@ with builtins; rec { keyType = { lib, name, config, ... }: let inherit (lib) types; - mdDoc = lib.mdDoc or (md: md); in { options = { name = lib.mkOption { - description = mdDoc '' + description = '' File name of the key. ''; default = name; type = types.str; }; text = lib.mkOption { - description = mdDoc '' + description = '' Content of the key. One of `text`, `keyCommand` and `keyFile` must be set. ''; @@ -20,7 +19,7 @@ with builtins; rec { type = types.nullOr types.str; }; keyFile = lib.mkOption { - description = mdDoc '' + description = '' Path of the local file to read the key from. One of `text`, `keyCommand` and `keyFile` must be set. ''; @@ -29,7 +28,7 @@ with builtins; rec { type = types.nullOr types.path; }; keyCommand = lib.mkOption { - description = mdDoc '' + description = '' Command to run to generate the key. One of `text`, `keyCommand` and `keyFile` must be set. ''; @@ -39,14 +38,14 @@ with builtins; rec { in types.nullOr nonEmptyList; }; destDir = lib.mkOption { - description = mdDoc '' + description = '' Destination directory on the host. ''; default = "/run/keys"; type = types.path; }; path = lib.mkOption { - description = mdDoc '' + description = '' Full path to the destination. ''; default = "${config.destDir}/${config.name}"; @@ -54,28 +53,28 @@ with builtins; rec { internal = true; }; user = lib.mkOption { - description = mdDoc '' + description = '' The group that will own the file. ''; default = "root"; type = types.str; }; group = lib.mkOption { - description = mdDoc '' + description = '' The group that will own the file. ''; default = "root"; type = types.str; }; permissions = lib.mkOption { - description = mdDoc '' + description = '' Permissions to set for the file. ''; default = "0600"; type = types.str; }; uploadAt = lib.mkOption { - description = mdDoc '' + description = '' When to upload the keys. - pre-activation (default): Upload the keys before activating the new system profile. @@ -94,12 +93,11 @@ with builtins; rec { # Largely compatible with NixOps/Morph. deploymentOptions = { name, lib, ... }: let inherit (lib) types; - mdDoc = lib.mdDoc or (md: md); in { options = { deployment = { targetHost = lib.mkOption { - description = mdDoc '' + description = '' The target SSH node for deployment. By default, the node's attribute name will be used. @@ -109,7 +107,7 @@ with builtins; rec { default = name; }; targetPort = lib.mkOption { - description = mdDoc '' + description = '' The target SSH port for deployment. By default, the port is the standard port (22) or taken @@ -119,7 +117,7 @@ with builtins; rec { default = null; }; targetUser = lib.mkOption { - description = mdDoc '' + description = '' The user to use to log into the remote node. If set to null, the target user will not be specified in SSH invocations. ''; @@ -127,7 +125,7 @@ with builtins; rec { default = "root"; }; allowLocalDeployment = lib.mkOption { - description = mdDoc '' + description = '' Allow the configuration to be applied locally on the host running Colmena. @@ -144,7 +142,7 @@ with builtins; rec { default = false; }; buildOnTarget = lib.mkOption { - description = mdDoc '' + description = '' Whether to build the system profiles on the target node itself. When enabled, Colmena will copy the derivation to the target @@ -164,7 +162,7 @@ with builtins; rec { default = false; }; tags = lib.mkOption { - description = mdDoc '' + description = '' A list of tags for the node. Can be used to select a group of nodes for deployment. @@ -173,7 +171,7 @@ with builtins; rec { default = []; }; keys = lib.mkOption { - description = mdDoc '' + description = '' A set of secrets to be deployed to the node. Secrets are transferred to the node out-of-band and @@ -183,7 +181,7 @@ with builtins; rec { default = {}; }; replaceUnknownProfiles = lib.mkOption { - description = mdDoc '' + description = '' Allow a configuration to be applied to a host running a profile we have no knowledge of. By setting this option to false, you reduce the likelyhood of rolling back changes made via another Colmena user. @@ -199,7 +197,7 @@ with builtins; rec { default = true; }; privilegeEscalationCommand = lib.mkOption { - description = mdDoc '' + description = '' Command to use to elevate privileges when activating the new profiles on SSH hosts. This is used on SSH hosts when `deployment.targetUser` is not `root`. @@ -209,7 +207,7 @@ with builtins; rec { default = [ "sudo" "-H" "--" ]; }; sshOptions = lib.mkOption { - description = mdDoc '' + description = '' Extra SSH options to pass to the SSH command. ''; type = types.listOf types.str; @@ -221,29 +219,28 @@ with builtins; rec { # Hive-wide options metaOptions = { lib, ... }: let inherit (lib) types; - mdDoc = lib.mdDoc or (md: md); in { options = { name = lib.mkOption { - description = mdDoc '' + description = '' The name of the configuration. ''; type = types.str; default = "hive"; }; description = lib.mkOption { - description = mdDoc '' + description = '' A short description for the configuration. ''; type = types.str; default = "A Colmena Hive"; }; nixpkgs = lib.mkOption { - description = mdDoc '' + description = '' The pinned Nixpkgs package set. Accepts one of the following: - A path to a Nixpkgs checkout - - The Nixpkgs lambda (e.g., import \) + - The Nixpkgs lambda (e.g., import ) - An initialized Nixpkgs attribute set This option must be specified when using Flakes. @@ -252,21 +249,21 @@ with builtins; rec { default = null; }; nodeNixpkgs = lib.mkOption { - description = mdDoc '' + description = '' Node-specific Nixpkgs pins. ''; type = types.attrsOf types.unspecified; default = {}; }; nodeSpecialArgs = lib.mkOption { - description = mdDoc '' + description = '' Node-specific special args. ''; type = types.attrsOf types.unspecified; default = {}; }; machinesFile = lib.mkOption { - description = mdDoc '' + description = '' Use the machines listed in this file when building this hive configuration. If your Colmena host has nix configured to allow for remote builds @@ -290,7 +287,7 @@ with builtins; rec { type = types.nullOr types.path; }; specialArgs = lib.mkOption { - description = mdDoc '' + description = '' A set of special arguments to be passed to NixOS modules. This will be merged into the `specialArgs` used to evaluate @@ -300,7 +297,7 @@ with builtins; rec { type = types.attrsOf types.unspecified; }; allowApplyAll = lib.mkOption { - description = mdDoc '' + description = '' Whether to allow deployments without a node filter set. If set to false, a node filter must be specified with `--on` when