From a8b5d136389f1d67f01e08279928b3ab89b8a38b Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Wed, 10 Jun 2020 15:21:15 -0400
Subject: [PATCH] Have the issuer function configure ssh users

---
 morph/grid/production/grid.nix | 1 +
 morph/grid/testing/grid.nix    | 1 +
 morph/lib/issuer.nix           | 2 ++
 3 files changed, 4 insertions(+)

diff --git a/morph/grid/production/grid.nix b/morph/grid/production/grid.nix
index a65b77bd..cf8f7eb9 100644
--- a/morph/grid/production/grid.nix
+++ b/morph/grid/production/grid.nix
@@ -18,6 +18,7 @@ import ../../lib/make-grid.nix {
     #
     # The names must be unique!
     "payments.privatestorage.io" = import ../../lib/issuer.nix ({
+      sshUsers = import ../../../../PrivateStorageSecrets/production-users.nix;
       hardware = ../../lib/issuer-aws.nix;
       stateVersion = "19.03";
     } // cfg);
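Review bot: The added `sshUsers` import resolves four levels up from `morph/grid/production/`, to a `PrivateStorageSecrets` directory beside this repository's checkout, so who gets SSH access to the production payments host depends on whatever that sibling checkout contains when the deployment is evaluated, and nothing in this repository pins or records it. A comment above the line would make that dependency explicit, e.g. `# Needs a PrivateStorageSecrets checkout next to this repo; production-users.nix decides who may SSH to this host.` The attribute also sits on the left of `// cfg`, so an `sshUsers` key in `cfg` (if one can ever appear there) would silently replace the list; if that is not intended, set it after the merge instead: `} // cfg // { sshUsers = import ../../../../PrivateStorageSecrets/production-users.nix; });`. The same two points apply to the `staging-users.nix` line in the `morph/grid/testing/grid.nix` hunk. The enclosing `make-grid.nix` argument set starts and ends outside this hunk.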
diff --git a/morph/grid/testing/grid.nix b/morph/grid/testing/grid.nix
index 4db91363..b6161f5a 100644
--- a/morph/grid/testing/grid.nix
+++ b/morph/grid/testing/grid.nix
@@ -6,6 +6,7 @@ import ../../lib/make-grid.nix {
   config = ./config.json;
   nodes = cfg: {
     "payments.privatestorage-staging.com" = import ../../lib/issuer.nix ({
+      sshUsers = import ../../../../PrivateStorageSecrets/staging-users.nix;
       hardware = ../../lib/issuer-aws.nix;
       stateVersion = "19.03";
     } // cfg);
diff --git a/morph/lib/issuer.nix b/morph/lib/issuer.nix
index 6e1eca67..33c87f70 100644
--- a/morph/lib/issuer.nix
+++ b/morph/lib/issuer.nix
@@ -4,6 +4,7 @@
 , issuerDomain
 , letsEncryptAdminEmail
 , allowedChargeOrigins
+, sshUsers
 , stateVersion
 , ...
 }: {
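Review bot: `sshUsers` is added as a required argument with no default and no description, even though it decides who can log in to the issuer host. Keeping it required is the safer choice, since a caller that forgets it fails at evaluation rather than deploying with an unintended account list. The expected shape should still be written down next to the argument, for example `# sshUsers: the accounts (and their public keys) allowed to log in over SSH; passed unchanged to services.private-storage.sshUsers.` The exact structure is not visible in this patch, so the wording should be checked against the module that declares the option. The function's argument list begins outside this hunk.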
@@ -33,6 +34,7 @@
     ../../nixos/modules/issuer.nix
   ];
 
+  services.private-storage.sshUsers = sshUsers;
   services.private-storage-issuer = {
     enable = true;
     tls = true;
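Review bot: The new assignment sets `services.private-storage.sshUsers`, which is outside the `services.private-storage-issuer` namespace used just below it, and the only import visible in this hunk is `../../nixos/modules/issuer.nix`. It is worth confirming that the module declaring this option, and turning it into accounts and authorized keys, is actually in the `imports` list, which begins outside the hunk. A one-line comment would save the next reader that lookup, e.g. `# Login accounts for this host; the option is declared by <module path>, not by the issuer module.` with the real path filled in.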
-- 
GitLab