[Nix-dev] Setting default group & permissions on deployment.keys
Rob Vermaas
rob.vermaas at gmail.com
Tue Jun 14 12:06:24 CEST 2016
Hi Erik,
> Is there a way to define a default group and permissions for all keys
> without me specifying this for each key individually?
> I'm currently well over 200 keys per machine so adding the group and
> permissions for each key is quite elaborate..
You could do somthing like:
deployment.keys =
let
keyDir = /path/to/dir/with/my/keys;
keys = builtins.attrNames (lib.filterAttrs (n: v: v ==
"regular" ) (builtins.readDir keyDir));
in with lib; listToAttrs (map (n: nameValuePair n { text =
builtins.readFile (keyDir + ("/" + n)); group = "keys"; permissions =
"0640"; }) keys);
This would upload all files in /path/to/dir/with/my/keys to the
machine in /run/keys. Note I didn't test this, so it might have some
typos, biut hope the idea is clear. It's an adapted piece copied from
something similar we are using.
Cheers,
--
Rob Vermaas
[email] rob.vermaas at gmail.com
More information about the nix-dev
mailing list