mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-17 19:21:04 +00:00
Code Issues Wiki Activity

nixos/nix.sshServe: remove with lib;

Browse source
This commit is contained in:
Felix Buehler 2024-08-24 22:05:50 +02:00
parent 42bdc30f19
commit b48bee9985
1 changed files with 9 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
nixos/modules/services/misc/nix-ssh-serve.nix
View file

@ -1,6 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let cfg = config.nix.sshServe;
command =
if cfg.protocol == "ssh"
@ -11,27 +9,27 @@ in {
nix.sshServe = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether to enable serving the Nix store as a remote store via SSH.";
};
write = mkOption {
type = types.bool;
write = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether to enable writing to the Nix store as a remote store via SSH. Note: the sshServe user is named nix-ssh and is not a trusted-user. nix-ssh should be added to the {option}`nix.settings.trusted-users` option in most use cases, such as allowing remote building of derivations.";
};
keys = mkOption {
type = types.listOf types.str;
keys = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
example = [ "ssh-dss AAAAB3NzaC1k... alice@example.org" ];
description = "A list of SSH public keys allowed to access the binary cache via SSH.";
};
protocol = mkOption {
type = types.enum [ "ssh" "ssh-ng" ];
protocol = lib.mkOption {
type = lib.types.enum [ "ssh" "ssh-ng" ];
default = "ssh";
description = "The specific Nix-over-SSH protocol to use.";
};
@ -40,7 +38,7 @@ in {
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
users.users.nix-ssh = {
description = "Nix SSH store user";