diff options
author | Jaka Hudoklin <jakahudoklin@gmail.com> | 2017-05-30 11:57:52 +0200 |
---|---|---|
committer | Robin Gloster <mail@glob.in> | 2017-09-24 11:44:25 +0200 |
commit | c2622910ab2fe37664ae5effa2b839c46dda7196 (patch) | |
tree | 2be282fac52f698c6ae02a3784a52761ddc9e999 /nixos/modules/services/cluster | |
parent | c96ca5f3bd5f458cdbee4fba25d607fa6c509600 (diff) | |
download | nixlib-c2622910ab2fe37664ae5effa2b839c46dda7196.tar nixlib-c2622910ab2fe37664ae5effa2b839c46dda7196.tar.gz nixlib-c2622910ab2fe37664ae5effa2b839c46dda7196.tar.bz2 nixlib-c2622910ab2fe37664ae5effa2b839c46dda7196.tar.lz nixlib-c2622910ab2fe37664ae5effa2b839c46dda7196.tar.xz nixlib-c2622910ab2fe37664ae5effa2b839c46dda7196.tar.zst nixlib-c2622910ab2fe37664ae5effa2b839c46dda7196.zip |
kubernetes module: add support for common CA file
Diffstat (limited to 'nixos/modules/services/cluster')
-rw-r--r-- | nixos/modules/services/cluster/kubernetes/default.nix | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/nixos/modules/services/cluster/kubernetes/default.nix b/nixos/modules/services/cluster/kubernetes/default.nix index a37f4fd1d755..449094175ce8 100644 --- a/nixos/modules/services/cluster/kubernetes/default.nix +++ b/nixos/modules/services/cluster/kubernetes/default.nix @@ -49,7 +49,7 @@ let caFile = mkOption { description = "${prefix} certificate authrority file used to connect to kube-apiserver."; type = types.nullOr types.path; - default = null; + default = cfg.caFile; }; certFile = mkOption { @@ -256,13 +256,19 @@ in { caFile = mkOption { description = "Etcd ca file."; - default = null; + default = cfg.caFile; type = types.nullOr types.path; }; }; kubeconfig = mkKubeConfigOptions "Default kubeconfig"; + caFile = mkOption { + description = "Default kubernetes certificate authority"; + type = types.nullOr types.path; + default = null; + }; + dataDir = mkOption { description = "Kubernetes root directory for managing kubelet files."; default = "/var/lib/kubernetes"; @@ -335,7 +341,7 @@ in { clientCaFile = mkOption { description = "Kubernetes apiserver CA file for client auth."; - default = null; + default = cfg.caFile; type = types.nullOr types.path; }; @@ -427,7 +433,7 @@ in { kubeletClientCaFile = mkOption { description = "Path to a cert file for connecting to kubelet."; - default = null; + default = cfg.caFile; type = types.nullOr types.path; }; @@ -529,7 +535,7 @@ in { Kubernetes controller manager certificate authority file included in service account's token secret. ''; - default = null; + default = cfg.caFile; type = types.nullOr types.path; }; |