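# Turns every entry of `services.ssh-cert-dist.directories` into a systemd
# user service that runs the `ssh-cert-dist` client against that directory.
# The options read here (enable, endpoint, directories.<path>.{name,fetch,upload})
# are declared in ./options.nix.
{ config, pkgs, lib, ... }:
let
  inherit (lib) escapeShellArg mapAttrs' mkIf optionalString;

  cfg = config.services.ssh-cert-dist;

  # Build the { name, value } pair that mapAttrs' expects for one directory.
  #   path    - attribute name in cfg.directories, used as the certificate directory
  #   options - per-directory settings; this module reads name, fetch and upload
  mkService = path: options:
    let
      scriptName = "ssh-cert-dist-${options.name}";

      # Both values come from the configuration and are spliced into a shell
      # script. escapeShellArg keeps a space or a quote character in them from
      # splitting the argument or ending the quoting early.
      certDir = escapeShellArg path;
      # NOTE(review): the endpoint option is declared in ./options.nix, which is
      # not visible here; confirm whether it should be restricted to https:// URLs.
      endpoint = escapeShellArg cfg.endpoint;

      script = pkgs.writeShellApplication {
        name = scriptName;
        runtimeInputs = [ pkgs.ssh-cert-dist ];
        # When both flags are set, fetch runs first and upload second.
        text =
          optionalString options.fetch ''
            ssh-cert-dist client fetch --cert-dir ${certDir} --api-endpoint ${endpoint}
          ''
          # The trailing /* stays outside the quoting so the shell still
          # expands it to the entries of the directory.
          + optionalString options.upload ''
            ssh-cert-dist client upload --api-endpoint ${endpoint} ${certDir}/*
          '';
      };
    in
    {
      inherit (options) name;
      value = {
        Unit.Description = "ssh-cert-dist service for ${path}";
        Service = {
          # NOTE(review): debug logging is hard-coded for every generated unit;
          # confirm the client's debug output is acceptable in the user journal.
          Environment = "RUST_LOG=debug";
          # writeShellApplication produces a store directory that holds
          # bin/<name>, so ExecStart has to name the executable inside it;
          # toString on the derivation yields only the directory.
          ExecStart = "${script}/bin/${scriptName}";
        };
      };
    };
in
{
  imports = [
    ./options.nix
  ];

  # Units are only generated when the module is enabled.
  config.systemd.user.services = mkIf cfg.enable (mapAttrs' mkService cfg.directories);
}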