movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-14 06:00:33 +03:00
Code Activity

nixos/kubernetes: adds argument to mkCert defaulting to kubernetes group

Browse source
This commit is contained in:
Pedro O. A. Regis 2024-06-21 21:26:08 -03:00
parent 1b1de8b52b
commit a5deaf9e93
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
nixos/modules/services/cluster/kubernetes/default.nix
View file

@ -61,13 +61,13 @@ let
etcdEndpoints = ["https://${cfg.masterAddress}:2379"]; etcdEndpoints = ["https://${cfg.masterAddress}:2379"];
mkCert = { name, CN, hosts ? [], fields ? {}, action ? "", mkCert = { name, CN, hosts ? [], fields ? {}, action ? "",
privateKeyOwner ? "kubernetes" }: rec { privateKeyOwner ? "kubernetes", privateKeyGroup ? "kubernetes" }: rec {
inherit name caCert CN hosts fields action; inherit name caCert CN hosts fields action;
cert = secret name; cert = secret name;
key = secret "${name}-key"; key = secret "${name}-key";
privateKeyOptions = { privateKeyOptions = {
owner = privateKeyOwner; owner = privateKeyOwner;
group = "nogroup"; group = privateKeyGroup;
mode = "0600"; mode = "0600";
path = key; path = key;
}; };