Add deployment.keys.<key>.keyFile option
This commit is contained in:
parent
9f4d5a2221
commit
f521f19629
1 changed files with 21 additions and 1 deletions
|
@ -103,8 +103,19 @@ let
|
||||||
text = lib.mkOption {
|
text = lib.mkOption {
|
||||||
description = ''
|
description = ''
|
||||||
Content of the key.
|
Content of the key.
|
||||||
|
Either `keyFile` or `text` must be set.
|
||||||
'';
|
'';
|
||||||
type = types.str;
|
default = null;
|
||||||
|
type = types.nullOr types.str;
|
||||||
|
};
|
||||||
|
keyFile = lib.mkOption {
|
||||||
|
description = ''
|
||||||
|
Path of the local file to read the key from.
|
||||||
|
Either `keyFile` or `text` must be set.
|
||||||
|
'';
|
||||||
|
default = null;
|
||||||
|
apply = value: if value == null then null else toString value;
|
||||||
|
type = types.nullOr types.path;
|
||||||
};
|
};
|
||||||
destDir = lib.mkOption {
|
destDir = lib.mkOption {
|
||||||
description = ''
|
description = ''
|
||||||
|
@ -178,8 +189,17 @@ let
|
||||||
then mkNixpkgs "meta.nodeNixpkgs.${name}" hive.meta.nodeNixpkgs.${name}
|
then mkNixpkgs "meta.nodeNixpkgs.${name}" hive.meta.nodeNixpkgs.${name}
|
||||||
else pkgs;
|
else pkgs;
|
||||||
evalConfig = import (npkgs.path + "/nixos/lib/eval-config.nix");
|
evalConfig = import (npkgs.path + "/nixos/lib/eval-config.nix");
|
||||||
|
assertionModule = { config, ... }: {
|
||||||
|
assertions = lib.mapAttrsToList (key: opts: {
|
||||||
|
assertion = (opts.text == null) != (opts.keyFile == null);
|
||||||
|
message =
|
||||||
|
let prefix = "${name}.deployment.keys.${key}";
|
||||||
|
in "Exactly one of `${prefix}.text` and `${prefix}.keyFile` must be set.";
|
||||||
|
}) config.deployment.keys;
|
||||||
|
};
|
||||||
in evalConfig {
|
in evalConfig {
|
||||||
modules = [
|
modules = [
|
||||||
|
assertionModule
|
||||||
deploymentOptions
|
deploymentOptions
|
||||||
hive.defaults
|
hive.defaults
|
||||||
config
|
config
|
||||||
|
|
Loading…
Reference in a new issue