colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gluster service: use str instead of path for private key

Browse Source 
This pervents the user from accidently commiting the key to the nix store.
If providing a path instead of a string.
This commit is contained in:
Pascal Bach 2017-09-17 18:49:02 +02:00
parent c68118ce65
commit 8ed758696c
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nixos/modules/services/network-filesystems/glusterfs.nix
View File

@ -61,9 +61,9 @@ in
default = null;
type = types.nullOr (types.submodule {
options = {
tlsKey = mkOption {
tlsKeyPath = mkOption {
default = null;
type = types.path;
type = types.str;
description = "Path to the private key used for TLS.";
};
@ -93,7 +93,7 @@ in
environment.etc = mkIf (cfg.tlsSettings != null) {
"ssl/glusterfs.pem".source = cfg.tlsSettings.tlsPem;
"ssl/glusterfs.key".source = cfg.tlsSettings.tlsKey;
"ssl/glusterfs.key".source = cfg.tlsSettings.tlsKeyPath;
"ssl/glusterfs.ca".source = cfg.tlsSettings.caCert;
};