From a8b5d136389f1d67f01e08279928b3ab89b8a38b Mon Sep 17 00:00:00 2001 From: Jean-Paul Calderone <exarkun@twistedmatrix.com> Date: Wed, 10 Jun 2020 15:21:15 -0400 Subject: [PATCH] Have the issuer function configure ssh users --- morph/grid/production/grid.nix | 1 + morph/grid/testing/grid.nix | 1 + morph/lib/issuer.nix | 2 ++ 3 files changed, 4 insertions(+) diff --git a/morph/grid/production/grid.nix b/morph/grid/production/grid.nix index a65b77bd..cf8f7eb9 100644 --- a/morph/grid/production/grid.nix +++ b/morph/grid/production/grid.nix @@ -18,6 +18,7 @@ import ../../lib/make-grid.nix { # # The names must be unique! "payments.privatestorage.io" = import ../../lib/issuer.nix ({ + sshUsers = import ../../../../PrivateStorageSecrets/production-users.nix; hardware = ../../lib/issuer-aws.nix; stateVersion = "19.03"; } // cfg); diff --git a/morph/grid/testing/grid.nix b/morph/grid/testing/grid.nix index 4db91363..b6161f5a 100644 --- a/morph/grid/testing/grid.nix +++ b/morph/grid/testing/grid.nix @@ -6,6 +6,7 @@ import ../../lib/make-grid.nix { config = ./config.json; nodes = cfg: { "payments.privatestorage-staging.com" = import ../../lib/issuer.nix ({ + sshUsers = import ../../../../PrivateStorageSecrets/staging-users.nix; hardware = ../../lib/issuer-aws.nix; stateVersion = "19.03"; } // cfg); diff --git a/morph/lib/issuer.nix b/morph/lib/issuer.nix index 6e1eca67..33c87f70 100644 --- a/morph/lib/issuer.nix +++ b/morph/lib/issuer.nix @@ -4,6 +4,7 @@ , issuerDomain , letsEncryptAdminEmail , allowedChargeOrigins +, sshUsers , stateVersion , ... }: { @@ -33,6 +34,7 @@ ../../nixos/modules/issuer.nix ]; + services.private-storage.sshUsers = sshUsers; services.private-storage-issuer = { enable = true; tls = true; -- GitLab