add deployment method: ssh

This commit is contained in:
Kiara Grouwstra 2025-08-10 13:18:44 +02:00
parent a75442c940
commit ba3d3adf73
Signed by: kiara
SSH key fingerprint: SHA256:COspvLoLJ5WC5rFb9ZDe5urVCkK4LJZOsjfF4duRJFU
2 changed files with 65 additions and 5 deletions

View file

@ -2,7 +2,7 @@
inputs,
# sources,
lib,
# providers,
config,
...
}:
@ -28,7 +28,20 @@ let
{
implementation = requests: {
input = requests;
output = { };
output.ssh-host = {
ssh = {
host = "localhost";
username = "root";
authentication.password = "password";
};
nixos-configuration =
{ ... }:
{
users.users = config.resources.shell.login-shell.apply (
lib.filterAttrs (_name: value: value ? login-shell) requests
);
};
};
};
};
};

View file

@ -6,12 +6,15 @@
let
inherit (lib) mkOption types;
inherit (lib.types)
attrsOf
attrTag
attrsOf
deferredModuleWith
submodule
optionType
functionTo
nullOr
optionType
raw
str
submodule
;
functionType = import ./function.nix;
@ -25,7 +28,51 @@ let
);
};
};
nixos-configuration = mkOption {
description = "A NixOS configuration.";
type = raw;
};
host-ssh = mkOption {
description = "SSH connection info to connect to a single host.";
type = submodule {
options = {
host = mkOption {
description = "the host to access by SSH";
type = str;
};
username = mkOption {
description = "the SSH user to use";
type = nullOr str;
default = null;
};
authentication = mkOption {
description = "authentication method";
type = attrTag {
private-key = mkOption {
description = "path to the user's SSH private key";
type = str;
example = "/root/.ssh/id_ed25519";
};
password = mkOption {
description = "SSH password";
# TODO: mark as sensitive
type = str;
};
};
};
};
};
};
deployment = attrTag {
ssh-host = {
description = "A Terraform deployment by SSH to update a single existing NixOS host.";
type = submodule {
options = {
inherit nixos-configuration;
ssh = host-ssh;
};
};
};
};
in
{