diff options
author | Pascal Bach <pascal.bach@nextrem.ch> | 2017-09-17 18:49:02 +0200 |
---|---|---|
committer | Pascal Bach <pascal.bach@nextrem.ch> | 2017-09-21 20:35:35 +0200 |
commit | 8ed758696c321a84b3d3d5d08b6bfa004779f211 (patch) | |
tree | ce7812f912b87c4a2971bd6beee7b67f438acf6f /nixos/modules/services/network-filesystems | |
parent | c68118ce651adde39bbb6352151deedb72cecf86 (diff) | |
download | nixlib-8ed758696c321a84b3d3d5d08b6bfa004779f211.tar nixlib-8ed758696c321a84b3d3d5d08b6bfa004779f211.tar.gz nixlib-8ed758696c321a84b3d3d5d08b6bfa004779f211.tar.bz2 nixlib-8ed758696c321a84b3d3d5d08b6bfa004779f211.tar.lz nixlib-8ed758696c321a84b3d3d5d08b6bfa004779f211.tar.xz nixlib-8ed758696c321a84b3d3d5d08b6bfa004779f211.tar.zst nixlib-8ed758696c321a84b3d3d5d08b6bfa004779f211.zip |
gluster service: use str instead of path for private key
This pervents the user from accidently commiting the key to the nix store. If providing a path instead of a string.
Diffstat (limited to 'nixos/modules/services/network-filesystems')
-rw-r--r-- | nixos/modules/services/network-filesystems/glusterfs.nix | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/nixos/modules/services/network-filesystems/glusterfs.nix b/nixos/modules/services/network-filesystems/glusterfs.nix index ae4f4521cf2d..e7f52bc4a7d1 100644 --- a/nixos/modules/services/network-filesystems/glusterfs.nix +++ b/nixos/modules/services/network-filesystems/glusterfs.nix @@ -61,9 +61,9 @@ in default = null; type = types.nullOr (types.submodule { options = { - tlsKey = mkOption { + tlsKeyPath = mkOption { default = null; - type = types.path; + type = types.str; description = "Path to the private key used for TLS."; }; @@ -93,7 +93,7 @@ in environment.etc = mkIf (cfg.tlsSettings != null) { "ssl/glusterfs.pem".source = cfg.tlsSettings.tlsPem; - "ssl/glusterfs.key".source = cfg.tlsSettings.tlsKey; + "ssl/glusterfs.key".source = cfg.tlsSettings.tlsKeyPath; "ssl/glusterfs.ca".source = cfg.tlsSettings.caCert; }; |