style: avoid usage of top-level "with lib;" #195
|
@ -13,25 +13,29 @@
|
|||
./users.nix
|
||||
];
|
||||
|
||||
options.pub-solar-os = with lib; {
|
||||
adminEmail = mkOption {
|
||||
description = "Email address to use for administrative stuff like ACME";
|
||||
type = types.str;
|
||||
default = "admins@pub.solar";
|
||||
};
|
||||
options.pub-solar-os =
|
||||
let
|
||||
inherit (lib) mkOption types;
|
||||
in
|
||||
{
|
||||
adminEmail = mkOption {
|
||||
description = "Email address to use for administrative stuff like ACME";
|
||||
type = types.str;
|
||||
default = "admins@pub.solar";
|
||||
};
|
||||
|
||||
privacyPolicyUrl = mkOption {
|
||||
description = "URL of the privacy policy. Used to link there from applications";
|
||||
type = types.str;
|
||||
default = "https://pub.solar/privacy";
|
||||
};
|
||||
privacyPolicyUrl = mkOption {
|
||||
description = "URL of the privacy policy. Used to link there from applications";
|
||||
type = types.str;
|
||||
default = "https://pub.solar/privacy";
|
||||
};
|
||||
|
||||
imprintUrl = mkOption {
|
||||
description = "URL of the imprint. Used to link there from applications";
|
||||
type = types.str;
|
||||
default = "https://pub.solar/about";
|
||||
imprintUrl = mkOption {
|
||||
description = "URL of the imprint. Used to link there from applications";
|
||||
type = types.str;
|
||||
default = "https://pub.solar/about";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
environment = {
|
||||
|
|
|
@ -5,18 +5,22 @@
|
|||
...
|
||||
}:
|
||||
{
|
||||
options.pub-solar-os.networking = with lib; {
|
||||
domain = mkOption {
|
||||
description = "domain on which all services should run. This defaults to pub.solar";
|
||||
type = types.str;
|
||||
default = "pub.solar";
|
||||
};
|
||||
options.pub-solar-os.networking =
|
||||
let
|
||||
inherit (lib) mkOption types;
|
||||
in
|
||||
{
|
||||
domain = mkOption {
|
||||
description = "domain on which all services should run. This defaults to pub.solar";
|
||||
type = types.str;
|
||||
default = "pub.solar";
|
||||
};
|
||||
|
||||
defaultInterface = mkOption {
|
||||
description = "Network interface which should be used as the default internet-connected one";
|
||||
type = types.nullOr types.str;
|
||||
defaultInterface = mkOption {
|
||||
description = "Network interface which should be used as the default internet-connected one";
|
||||
type = types.nullOr types.str;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
|
||||
|
@ -41,7 +45,7 @@
|
|||
# This breaks compatibilty with clients that do not offer these MACs. For
|
||||
# compatibility reasons, we add back the old defaults.
|
||||
# See: https://github.com/NixOS/nixpkgs/pull/231165
|
||||
#
|
||||
#
|
||||
# https://blog.stribik.technology/2015/01/04/secure-secure-shell.html
|
||||
# https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67
|
||||
Macs = [
|
||||
|
|
|
@ -6,37 +6,41 @@
|
|||
...
|
||||
}:
|
||||
{
|
||||
options.pub-solar-os.authentication = with lib; {
|
||||
username = mkOption {
|
||||
description = "Username for the adminstrative user";
|
||||
type = types.str;
|
||||
default = flake.self.username;
|
||||
};
|
||||
options.pub-solar-os.authentication =
|
||||
let
|
||||
inherit (lib) mkOption types;
|
||||
in
|
||||
{
|
||||
username = mkOption {
|
||||
description = "Username for the adminstrative user";
|
||||
type = types.str;
|
||||
default = flake.self.username;
|
||||
};
|
||||
|
||||
sshPubKeys = mkOption {
|
||||
description = "SSH Keys that should have administrative root access";
|
||||
type = types.listOf types.str;
|
||||
default = flake.self.logins.admins.sshPubKeys;
|
||||
};
|
||||
sshPubKeys = mkOption {
|
||||
description = "SSH Keys that should have administrative root access";
|
||||
type = types.listOf types.str;
|
||||
default = flake.self.logins.admins.sshPubKeys;
|
||||
};
|
||||
|
||||
root.initialHashedPassword = mkOption {
|
||||
description = "Hashed password of the root account";
|
||||
type = types.str;
|
||||
default = "$y$j9T$bIN6GjQkmPMllOcQsq52K0$q0Z5B5.KW/uxXK9fItB8H6HO79RYAcI/ZZdB0Djke32";
|
||||
};
|
||||
root.initialHashedPassword = mkOption {
|
||||
description = "Hashed password of the root account";
|
||||
type = types.str;
|
||||
default = "$y$j9T$bIN6GjQkmPMllOcQsq52K0$q0Z5B5.KW/uxXK9fItB8H6HO79RYAcI/ZZdB0Djke32";
|
||||
};
|
||||
|
||||
robot.username = mkOption {
|
||||
description = "username for the robot user";
|
||||
type = types.str;
|
||||
default = "hakkonaut";
|
||||
};
|
||||
robot.username = mkOption {
|
||||
description = "username for the robot user";
|
||||
type = types.str;
|
||||
default = "hakkonaut";
|
||||
};
|
||||
|
||||
robot.sshPubKeys = mkOption {
|
||||
description = "SSH Keys to use for the robot user";
|
||||
type = types.listOf types.str;
|
||||
default = flake.self.logins.robots.sshPubKeys;
|
||||
robot.sshPubKeys = mkOption {
|
||||
description = "SSH Keys to use for the robot user";
|
||||
type = types.listOf types.str;
|
||||
default = flake.self.logins.robots.sshPubKeys;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
users.users.${config.pub-solar-os.authentication.username} = {
|
||||
|
|
|
@ -6,12 +6,12 @@
|
|||
...
|
||||
}:
|
||||
{
|
||||
options.pub-solar-os.auth = with lib; {
|
||||
enable = mkEnableOption "Enable keycloak to run on the node";
|
||||
options.pub-solar-os.auth = {
|
||||
enable = lib.mkEnableOption "Enable keycloak to run on the node";
|
||||
|
||||
realm = mkOption {
|
||||
realm = lib.mkOption {
|
||||
description = "Name of the realm";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
default = config.pub-solar-os.networking.domain;
|
||||
};
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue