options organization

John Lancaster
2026-03-15 20:18:01 -05:00
parent 832149305b
commit dfefb9682f


@@ -16,25 +16,27 @@ in
# NixOS Options
options.step-ssh-host = {
hostname = lib.mkOption {
description = "Networking host name";
type = lib.types.str;
};
caURL = lib.mkOption {
description = "URL for the certificate authority";
type = lib.types.str;
default = "${caURL}";
};
rootCertFile = {
path = lib.mkOption {
type = lib.types.str;
description = "String path to where the root_ca.crt file will be stored for the user";
type = lib.types.str;
default = "step/certs/root_ca.crt";
};
source = lib.mkOption {
type = lib.types.path;
description = "Nix path to the root cert file within the repo";
type = lib.types.path;
default = ../../../keys/root_ca.crt;
};
};
sshHostProvisioner = lib.mkOption {
provisioner = lib.mkOption {
description = "Provisioner inside Step CA to use for the SSH certificates";
type = lib.types.str;
default = "admin";
};
@@ -60,7 +62,7 @@ in
--host --sign \
--root "${rootCertPath}" \
--ca-url ${cfg.caURL} \
--provisioner "${cfg.sshHostProvisioner}" \
--provisioner "${cfg.provisioner}" \
--provisioner-password-file "${provisionerPasswordPath}" \
--principal "${cfg.hostname}" \
--principal "${cfg.hostname}.john-stream.com" \
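Review bot: The option values in the second hunk are spliced into the shell command with at most double quotes, and `--ca-url ${cfg.caURL}` has none, so a value containing whitespace, `$(...)`, a backtick or a `"` would be re-interpreted by the shell instead of reaching the signing command as a single argument. Because `lib.types.str` accepts any string, I would pass them through `lib.escapeShellArg`, e.g. `--ca-url ${lib.escapeShellArg cfg.caURL} \` and `--provisioner ${lib.escapeShellArg cfg.provisioner} \`, and do the same for the two `--principal` values. Separately, the first hunk appears to rename `sshHostProvisioner` to `provisioner` (the page has lost its +/- markers, so this is inferred from the duplicated lines), which would break existing configurations unless a `lib.mkRenamedOptionModule` alias is added. The command continues past the end of the hunk, so the remaining arguments were not reviewed.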