[Nix-dev] [PATCH] authorized_keys in users.extraUsers
Nicolas Pierron
nicolas.b.pierron at gmail.com
Thu Oct 20 16:51:04 CEST 2011
Hi Rickard,
On Thu, Oct 20, 2011 at 00:11, Rickard Nilsson
<rickard.nilsson at telia.com> wrote:
> Hi Nicolas,
>
> Den 2011-10-19 01:21:02 skrev Nicolas Pierron <nicolas.b.pierron at gmail.com>:
>
>> Hi Rickard,
>>
>> On Tue, Oct 18, 2011 at 00:40, Rickard Nilsson
>> <rickard.nilsson at telia.com> wrote:
>>
>> This is the way to proceed, may be the error messages are not
>> extremelly explicit about the corner cases. Not many users end-up
>> working with such (nice) features of the NixOS module system. I am
>> happy to see that you are going into the right way with a few examples
>> :)
>>
>>> users = mkOption {
>>> default = {};
>>> description = ''
>>> '';
>>> type = types.loaOf types.optionSet;
>>> options = [ usersOptions ];
>>> };
>>>
>>> However, this made Nix complain about types. If I renamed "users" to
>>> something that isn't already defined it worked fine though.
>>
>> You should not redefine the type, default and the description. Such
>> things are only accepted once per option declarations.
>>
>> The following should work, any changes of the type should be done in
>> the original declaration.
>>
>> users = mkOption {
>> options = [ usersOptions ];
>> };
>
> I see, that makes sense. Thinking about it, I probably can't put the
> configuration in users.<name?>.xx anyway, since it will collide with
> a lot of other stuff (like users.ldap.xx for example). Would it make
> sense to put it in user.<name?>.openssh.xx instead?
> Or is "user" and "users" too easy to mix up?
Oh, my fault. What I meant was
users.extraUsers.<name?>.openssh.authorizedKeys ;)
You will need to add a type to the extraUsers option, and use listOf
in your first essay ;)
listOf is bad and would be deprecated for optionSet, so I will try to
make a fork of loaOf where is name is extracted from the attribute set
;)
--
Nicolas Pierron
http://www.linkedin.com/in/nicolasbpierron - http://nbp.name/
More information about the nix-dev
mailing list