https://nixos.org/nixops/manual/#opt-deployment.keys._name_.user
2016-06-14 11:12 GMT+01:00 4levels <4lev...@gmail.com>: > Hi Rob, > > thank you for your swift reply! > Does this mean I'm actually overriding the default keys behavior as > defined in https://github.com/NixOS/nixops/blob/master/nix/keys.nix ? > I was kind of hoping to be able to write something like > > deployment.keys.*.group = "keys"; > deployment.keys.*.permissions = "0640"; > > I'll give it a try and post back here. > > Kind regards, > > Erik > > On Tue, Jun 14, 2016 at 12:06 PM Rob Vermaas <rob.verm...@gmail.com> > wrote: > >> Hi Erik, >> >> > Is there a way to define a default group and permissions for all keys >> > without me specifying this for each key individually? >> > I'm currently well over 200 keys per machine so adding the group and >> > permissions for each key is quite elaborate.. >> >> You could do somthing like: >> >> deployment.keys = >> let >> keyDir = /path/to/dir/with/my/keys; >> keys = builtins.attrNames (lib.filterAttrs (n: v: v == >> "regular" ) (builtins.readDir keyDir)); >> in with lib; listToAttrs (map (n: nameValuePair n { text = >> builtins.readFile (keyDir + ("/" + n)); group = "keys"; permissions = >> "0640"; }) keys); >> >> This would upload all files in /path/to/dir/with/my/keys to the >> machine in /run/keys. Note I didn't test this, so it might have some >> typos, biut hope the idea is clear. It's an adapted piece copied from >> something similar we are using. >> >> Cheers, >> -- >> Rob Vermaas >> >> [email] rob.verm...@gmail.com >> > > _______________________________________________ > nix-dev mailing list > nix-dev@lists.science.uu.nl > http://lists.science.uu.nl/mailman/listinfo/nix-dev > > -- Tomasz Czyż
_______________________________________________ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev