movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-12 04:35:41 +03:00
Code Issues Projects Releases Packages Wiki Activity

Cleanup pki: proxy

Browse source
This commit is contained in:
Christian Albrecht 2019-03-11 11:01:54 +01:00
parent 73657b7fcf
commit 46653f84c9
No known key found for this signature in database
GPG key ID: 866AF4B25DF7EB00
2 changed files with 26 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

17
nixos/modules/services/cluster/kubernetes/pki.nix
View file

@ -124,10 +124,6 @@ in
top.caFile
certmgrAPITokenPath
];
proxyPaths = mkIf top.proxy.enable [
cfg.certs.kubeProxyClient.cert
cfg.certs.kubeProxyClient.key
];
schedulerPaths = mkIf top.scheduler.enable [
cfg.certs.schedulerClient.cert
cfg.certs.schedulerClient.key
@ -366,19 +362,6 @@ in
127.0.0.1 etcd.${top.addons.dns.clusterDomain} etcd.local
'';
systemd.services.kube-proxy = mkIf top.proxy.enable {
environment = { inherit (top.pki.certs.kubeProxyClient) cert key; };
unitConfig.ConditionPathExists = proxyPaths;
};
systemd.paths.kube-proxy = mkIf top.proxy.enable {
wantedBy = [ "kube-proxy.service" ];
pathConfig = {
PathExists = proxyPaths;
PathChanged = proxyPaths;
};
};
services.kubernetes = {
apiserver = mkIf top.apiserver.enable (with cfg.certs.apiServer; {