gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #321632 from PedroRegisPOAR/kubernetes-mkCert-drops-nogroup-as-default

Browse Source 
nixos/kubernetes: adds argument to mkCert defaulting to kubernetes group
This commit is contained in:
Sarah Brofeldt
2024-07-19 12:49:49 +02:00
committed by GitHub
parent a1740ea605 a5deaf9e93
commit 54fbcf1be8
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
nixos/modules/services/cluster/kubernetes/default.nix
View File

@@ -61,13 +61,13 @@ let
etcdEndpoints = ["https://${cfg.masterAddress}:2379"];
mkCert = { name, CN, hosts ? [], fields ? {}, action ? "",
privateKeyOwner ? "kubernetes" }: rec {
privateKeyOwner ? "kubernetes", privateKeyGroup ? "kubernetes" }: rec {
inherit name caCert CN hosts fields action;
cert = secret name;
key = secret "${name}-key";
privateKeyOptions = {
owner = privateKeyOwner;
group = "nogroup";
group = privateKeyGroup;
mode = "0600";
path = key;
};