gluster service: use str instead of path for private key

This pervents the user from accidently commiting the key to the nix store.
If providing a path instead of a string.
This commit is contained in:
Pascal Bach 2017-09-17 18:49:02 +02:00
parent c68118ce65
commit 8ed758696c

View File

@ -61,9 +61,9 @@ in
default = null;
type = types.nullOr (types.submodule {
options = {
tlsKey = mkOption {
tlsKeyPath = mkOption {
default = null;
type = types.path;
type = types.str;
description = "Path to the private key used for TLS.";
};
@ -93,7 +93,7 @@ in
environment.etc = mkIf (cfg.tlsSettings != null) {
"ssl/glusterfs.pem".source = cfg.tlsSettings.tlsPem;
"ssl/glusterfs.key".source = cfg.tlsSettings.tlsKey;
"ssl/glusterfs.key".source = cfg.tlsSettings.tlsKeyPath;
"ssl/glusterfs.ca".source = cfg.tlsSettings.caCert;
};