58 lines
1.4 KiB
Nix
58 lines
1.4 KiB
Nix
{ lib }:
|
|
rec {
|
|
certs-paths = lib.types.submodule {
|
|
freeformType = lib.types.anything;
|
|
|
|
options = {
|
|
cert = lib.mkOption {
|
|
type = lib.types.path;
|
|
description = "Path to the cert file.";
|
|
};
|
|
key = lib.mkOption {
|
|
type = lib.types.path;
|
|
description = "Path to the key file.";
|
|
};
|
|
};
|
|
};
|
|
cas = lib.types.submodule {
|
|
freeformType = lib.types.anything;
|
|
|
|
options = {
|
|
paths = lib.mkOption {
|
|
description = ''
|
|
Paths where the files for the CA will be located.
|
|
|
|
This option is the contract output of the `shb.certs.cas` SSL block.
|
|
'';
|
|
type = certs-paths;
|
|
};
|
|
|
|
systemdService = lib.mkOption {
|
|
description = "Systemd oneshot service used to generate the CA.";
|
|
type = lib.types.str;
|
|
};
|
|
};
|
|
};
|
|
certs = lib.types.submodule {
|
|
freeformType = lib.types.anything;
|
|
|
|
options = {
|
|
paths = lib.mkOption {
|
|
description = ''
|
|
Paths where the files for the certificate will be located.
|
|
|
|
This option is the contract output of the `shb.certs.certs` SSL block.
|
|
'';
|
|
type = certs-paths;
|
|
};
|
|
|
|
systemdService = lib.mkOption {
|
|
description = ''
|
|
Systemd oneshot service used to generate the certificate. The name must include the
|
|
`.service` suffix.
|
|
'';
|
|
type = lib.types.str;
|
|
};
|
|
};
|
|
};
|
|
}
|