public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/taskserver: Rename .pki options

Browse Source 
We're now using .pki.server.* and .pki.ca.* so that it's entirely clear
what these keys/certificates are for. For example we had just .pki.key
before, which doesn't really tell very much about what it's for except
if you look at the option description.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This commit is contained in:
aszlig 2016-04-11 13:33:48 +02:00
parent 6395c87d07
commit 05a7cd17fc
No known key found for this signature in database
GPG Key ID: D0EBD0EC8C2DC961
1 changed files with 23 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
nixos/modules/services/misc/taskserver/default.nix
View File

@ -28,24 +28,35 @@ let
}; };
pkiOptions = { pkiOptions = {
cert = mkPkiOption '' ca.cert = mkPkiOption ''
Fully qualified path to the server certificate.
'';
caCert = mkPkiOption ''
Fully qualified path to the CA certificate. Fully qualified path to the CA certificate.
''; '';
crl = mkPkiOption '' server.cert = mkPkiOption ''
Fully qualified path to the server certificate.
'';
server.crl = mkPkiOption ''
Fully qualified path to the server certificate revocation list. Fully qualified path to the server certificate revocation list.
''; '';
key = mkPkiOption '' server.key = mkPkiOption ''
Fully qualified path to the server key. Fully qualified path to the server key.
''; '';
}; };
needToCreateCA = all (c: isNull cfg.pki.${c}) (attrNames pkiOptions); needToCreateCA = let
notFound = path: let
dotted = concatStringsSep "." path;
in throw "Can't find option definitions for path `${dotted}'.";
findPkiDefinitions = path: attrs: let
mkSublist = key: val: let
newPath = path ++ singleton key;
in if isOption val
then attrByPath newPath (notFound newPath) cfg.pki
else findPkiDefinitions newPath val;
in flatten (mapAttrsToList mkSublist attrs);
in all isNull (findPkiDefinitions [] pkiOptions);
configFile = pkgs.writeText "taskdrc" '' configFile = pkgs.writeText "taskdrc" ''
# systemd related # systemd related
@ -69,7 +80,7 @@ let
# server # server
server = ${cfg.listenHost}:${toString cfg.listenPort} server = ${cfg.listenHost}:${toString cfg.listenPort}
${mkConfLine "server.crl" cfg.pki.crl} ${mkConfLine "server.crl" cfg.pki.server.crl}
# certificates # certificates
${mkConfLine "trust" cfg.trust} ${mkConfLine "trust" cfg.trust}
@ -78,9 +89,9 @@ let
server.cert = ${cfg.dataDir}/keys/server.cert server.cert = ${cfg.dataDir}/keys/server.cert
server.key = ${cfg.dataDir}/keys/server.key server.key = ${cfg.dataDir}/keys/server.key
'' else '' '' else ''
ca.cert = ${cfg.pki.caCert} ca.cert = ${cfg.pki.ca.cert}
server.cert = ${cfg.pki.cert} server.cert = ${cfg.pki.server.cert}
server.key = ${cfg.pki.key} server.key = ${cfg.pki.server.key}
''} ''}
''; '';