clerie/nixfiles
1
0
Fork 0
Code

modules/monitoring: specify custom privateKeyFile path for wg-monitoring

Browse Source
This commit is contained in:
clerie 2023-05-06 16:11:49 +02:00
parent f8328936b9
commit 2feb1b2b4c
3 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/aluminium/configuration.nix
View File

@ -59,6 +59,7 @@
id = "212"; id = "212";
pubkey = "P1ONelxezvkcLJFyvuCVeIUd3uewPIlONfKk9y6h9QE="; pubkey = "P1ONelxezvkcLJFyvuCVeIUd3uewPIlONfKk9y6h9QE=";
serviceLevel = "event"; serviceLevel = "event";
privateKeyFile = "/var/src/secrets/wireguard/wg-monitoring";
}; };
system.stateVersion = "22.11"; system.stateVersion = "22.11";

1
hosts/beryllium/configuration.nix
View File

@ -61,6 +61,7 @@
id = "213"; id = "213";
pubkey = "hMIr7fgfZwSjNufRaMtq+7MDxfwN3XLJ4ZlmSOoFrz4="; pubkey = "hMIr7fgfZwSjNufRaMtq+7MDxfwN3XLJ4ZlmSOoFrz4=";
serviceLevel ="event"; serviceLevel ="event";
privateKeyFile = "/var/src/secrets/wireguard/wg-monitoring";
}; };
system.stateVersion = "22.11"; system.stateVersion = "22.11";

7
modules/monitoring/default.nix
View File

@ -21,6 +21,11 @@ in
type = types.str; type = types.str;
description = "Public Key of the monitoring wireguard interface of this host"; description = "Public Key of the monitoring wireguard interface of this host";
}; };
privateKeyFile = mkOption {
type = with types; nullOr str;
default = null;
description = "Path to private key file, pulls secret from secret store when null";
};
serviceLevel = mkOption { serviceLevel = mkOption {
type = types.str; type = types.str;
default = "infra"; default = "infra";
@ -49,7 +54,7 @@ in
publicKey = "eyhJKV41E1F0gZHBNqyzUnj72xg5f3bdDduVtpPN4AY="; publicKey = "eyhJKV41E1F0gZHBNqyzUnj72xg5f3bdDduVtpPN4AY=";
} }
]; ];
privateKeyFile = config.age.secrets.wg-monitoring.path; privateKeyFile = if cfg.privateKeyFile == null then config.age.secrets.wg-monitoring.path else cfg.privateKeyFile;
}; };
}; };