NixOS / nixops

NixOps is a tool for deploying to NixOS machines in a network or cloud.
https://nixos.org/nixops
GNU Lesser General Public License v3.0

Global `deployment.keys.<name>.destDir` #1457

Open kevincox opened 3 years ago

kevincox commented 3 years ago

`deployment.storeKeysOnMachine` was removed, which means that the only real option is setting `destDir` for each key. Maybe that value can be restored with it just setting the default `destDir` for each key to `/var/keys` or similar? Or simply breaking compatibility and adding a `deployment.defaultKeysDir`?

roberth commented 2 years ago

You can achieve this with type-merging, although a more obvious solution would be nice. Something like this should work:

```nix
# nixops network defaults. You could do it for a single host instead if you prefer.
defaults = { lib, ... }: {
  # this is a nixos module
  options = {
    deployment.keys = lib.mkOption {
      # this gets merged into the existing type
      type = with lib.types; attrsOf (submodule ({ ... }: {
        config.destDir = "/run/nixops-keys";
      }));
    };
  };
};
```