john/dendritic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

formatting

Browse Source
This commit is contained in:
John Lancaster
2026-04-01 20:44:40 -05:00
parent 1fe4d59ce6
commit a7b65e4eee
1 changed files with 22 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/hosts/janus/default.nix
+22 -21
View File
@@ -6,27 +6,29 @@ let
fingerprint = "2036c44f7b5901566ff7611ea6c927291ecc6d2dd00779c0eead70ec77fa10d6";
in
{
flake.modules.nixos.janus-ca = { config, lib, ... }:
let
johnHome = lib.attrByPath [ "users" "users" username "home" ] "/home/${username}" config;
johnGroup = lib.attrByPath [ "users" "users" username "group" ] username config;
mkStepRules = home: user: group: [
"d ${home}/.step 0700 ${user} ${group} -"
"d ${home}/.step/config 0700 ${user} ${group} -"
"d ${home}/.step/certs 0700 ${user} ${group} -"
"L+ ${home}/.step/config/defaults.json - - - - /etc/step/config/defaults.json"
"L+ ${home}/.step/certs/root_ca.crt - - - - /etc/step/certs/root_ca.crt"
];
in {
environment.etc."step/config/defaults.json".text = builtins.toJSON {
inherit ca-url fingerprint;
root = "/etc/step/certs/root_ca.crt";
flake.modules.nixos.janus-ca =
{ config, lib, ... }:
let
johnHome = lib.attrByPath [ "users" "users" username "home" ] "/home/${username}" config;
johnGroup = lib.attrByPath [ "users" "users" username "group" ] username config;
mkStepRules = home: user: group: [
"d ${home}/.step 0700 ${user} ${group} -"
"d ${home}/.step/config 0700 ${user} ${group} -"
"d ${home}/.step/certs 0700 ${user} ${group} -"
"L+ ${home}/.step/config/defaults.json - - - - /etc/step/config/defaults.json"
"L+ ${home}/.step/certs/root_ca.crt - - - - /etc/step/certs/root_ca.crt"
];
in
{
environment.etc."step/config/defaults.json".text = builtins.toJSON {
inherit ca-url fingerprint;
root = "/etc/step-ca/certs/root_ca.crt";
};
environment.etc."step-ca/certs/root_ca.crt".source = ./root_ca.crt;
systemd.tmpfiles.rules =
mkStepRules johnHome username johnGroup
++ mkStepRules "/root" "root" "root";
};
environment.etc."step/certs/root_ca.crt".source = ./root_ca.crt;
systemd.tmpfiles.rules =
mkStepRules johnHome username johnGroup
++ mkStepRules "/root" "root" "root";
};
flake.modules.homeManager.janus-ca = { config, ... }: {
home.file.".step/config/defaults.json".text = builtins.toJSON {
@@ -73,7 +75,6 @@ in
];
};
flake-file.inputs = {
wrappers = {
url = "github:lassulus/wrappers";