gluster service: use str instead of path for private key
This pervents the user from accidently commiting the key to the nix store. If providing a path instead of a string.
This commit is contained in:
parent
c68118ce65
commit
8ed758696c
@ -61,9 +61,9 @@ in
|
||||
default = null;
|
||||
type = types.nullOr (types.submodule {
|
||||
options = {
|
||||
tlsKey = mkOption {
|
||||
tlsKeyPath = mkOption {
|
||||
default = null;
|
||||
type = types.path;
|
||||
type = types.str;
|
||||
description = "Path to the private key used for TLS.";
|
||||
};
|
||||
|
||||
@ -93,7 +93,7 @@ in
|
||||
|
||||
environment.etc = mkIf (cfg.tlsSettings != null) {
|
||||
"ssl/glusterfs.pem".source = cfg.tlsSettings.tlsPem;
|
||||
"ssl/glusterfs.key".source = cfg.tlsSettings.tlsKey;
|
||||
"ssl/glusterfs.key".source = cfg.tlsSettings.tlsKeyPath;
|
||||
"ssl/glusterfs.ca".source = cfg.tlsSettings.caCert;
|
||||
};
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user