WIP CA bootstrap rework

2026-03-25 17:55:31 -05:00
parent f8c09878a1
commit 7b0f419454
7 changed files with 11 additions and 39 deletions
@@ -17,10 +17,6 @@ in
  {
    options.step-ssh-user = {
      enable = lib.mkEnableOption "opionated step client config for SSH certs";
-      caURL = lib.mkOption {
-        type = lib.types.str;
-        default = "${caURL}";
-      };
      fingerprint = lib.mkOption {
        type = lib.types.str;
        default = "${stepFingerprint}";
@@ -48,11 +44,6 @@ in
    };
    config = lib.mkIf cfg.enable {
      home.file."${cfg.rootCertFile.path}".source = cfg.rootCertFile.source;
-      home.file.".step/config/defaults.json".text = builtins.toJSON {
-        "ca-url" = cfg.caURL;
-        fingerprint = cfg.fingerprint;
-        root = "${config.home.homeDirectory}/${cfg.rootCertFile.path}";
-      };
      sops.secrets."janus/admin_jwk".mode = "0400";
      home.packages = with pkgs; [
        (writeShellScriptBin "sign-ssh-cert" ''