Module Options

deployment.allowLocalDeployment

Whether to allow or deny this node being applied to localhost when the host’s hostname matches the node’s name.

Type: boolean

Default: true

deployment.buildOnTarget

Whether to build the system on the target host or not.

Type: boolean

Default: false

deployment.keys

Secrets to be deployed to the node.

Type: attribute set of (submodule)

Default: { }

Example:

{
  "arberfile.txt" = {
    destDir = "/etc/arbs/";
    source = ''
      Hello World
    '';
  };
  "arbfile.txt" = {
    destDir = "/etc/arbs/";
    source = /nix/store/f9cydjc724m65zr8arh4bkyhp7rffg8r-source/runtime/module/arbfile.txt;
  };
  "wireless.env" = {
    destDir = "/etc/keys/";
    source = [
      "gpg"
      "--decrypt"
      "secrets/wireless.env.gpg"
    ];
  };
}

deployment.keys.<name>.destDir

Destination directory for the secret. Change this to something other than /run/keys/ for keys to persist past reboots.

Type: absolute path

Default: "/run/keys/"

deployment.keys.<name>.environment

Environment variables, as key-value pairs, to use when creating the key if the key source is a command.

Type: attribute set of string

Default: { }

deployment.keys.<name>.group

Group to own the key. If this group does not exist, this will silently fail and the key will be owned by gid 0.

Type: string

Default: "root"

deployment.keys.<name>.keyCommand

Alias of source.

Type: string or absolute path or list of string

deployment.keys.<name>.keyFile

Alias of source.

Type: string or absolute path or list of string

deployment.keys.<name>.name

Filename of the secret.

Type: string

Default: "‹name›"

deployment.keys.<name>.permissions

Unix octal permissions for the key, given as a string.

Type: string

Default: "0600"

deployment.keys.<name>.source

Source of the key. Either a path to a file, a literal string, or a command to generate the key.

Type: string or absolute path or list of string

deployment.keys.<name>.text

Alias of source.

Type: string or absolute path or list of string

deployment.keys.<name>.uploadAt

When to upload the key. Either pre-activation or post-activation.

Type: one of “pre-activation”, “post-activation”

Default: "pre-activation"

deployment.keys.<name>.user

User to own the key. If this user does not exist, this will silently fail and the key will be owned by uid 0.

Type: string

Default: "root"
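
The silent fallback to uid 0 / gid 0 described for user and group can be turned into an evaluation-time failure. The NixOS module below is an added example, not taken from the wire documentation: the names wifi-agent and wifi-keys are hypothetical, and it assumes the standard NixOS assertions option is checked when the node's system is built.

```nix
# Added example, not part of the wire documentation.
# "wifi-agent" and "wifi-keys" are hypothetical names.
{ config, lib, ... }:
{
  # Declare the owner and group in the node's configuration so they exist
  # on the target.
  users.groups.wifi-keys = { };
  users.users.wifi-agent = {
    isSystemUser = true;
    group = "wifi-keys";
  };

  deployment.keys."wireless.env" = {
    # Command source, taken from the page's own example.
    source = [ "gpg" "--decrypt" "secrets/wireless.env.gpg" ];
    # Default directory; per the page, keys here do not persist past reboots.
    destDir = "/run/keys/";
    user = "wifi-agent";
    group = "wifi-keys";
    # Owner and group may read; nobody may write.
    permissions = "0440";
    # Assumption: on a first deployment the account is created during
    # activation, so the key is uploaded afterwards.
    uploadAt = "post-activation";
  };

  # Fail evaluation when a key names an owner or group that this
  # configuration does not declare, instead of letting the upload fall
  # back to uid 0 / gid 0. Accounts created outside the configuration
  # are not visible to this check.
  assertions = lib.mapAttrsToList (name: key: {
    assertion =
      builtins.hasAttr key.user config.users.users
      && builtins.hasAttr key.group config.users.groups;
    message = "deployment.keys.${name}: user '${key.user}' or group '${key.group}' is not declared; the key would be owned by uid 0 / gid 0.";
  }) config.deployment.keys;
}
```

Keys left at the defaults pass the check, because NixOS declares the root user and group itself.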

deployment.privilegeEscalationCommand

Command used to elevate privileges.

Type: list of string

Default:

[
  "sudo"
  "--"
]

deployment.replaceUnknownProfiles

No-op; present for Colmena compatibility.

Type: boolean

Default: true

deployment.sshOptions

No-op; present for Colmena compatibility.

Type: list of string

Default: [ ]

deployment.tags

Tags for the node.

Type: list of string

Default: [ ]

Example:

[
  "arm"
  "cloud"
]

deployment.target

Describes the target for this node.

Type: submodule

Default: { }

deployment.target.host

Alias of hosts.

Type: (list of string) or string convertible to it

deployment.target.hosts

IPs or hostnames to attempt to connect to. They are tried in order.

Type: (list of string) or string convertible to it

Default:

[
  "‹node name›"
]

deployment.target.port

SSH port to use.

Type: signed integer

Default: 22

deployment.target.user

User to use for SSH. The user must be at least wheel and must use an SSH key or similar non-interactive login method. More information can be found at https://wire.althaea.zone/guides/non-root-user

Type: string

Default: "root"

deployment.targetHost

Alias of deployment.target.hosts.

Type: submodule

deployment.targetPort

Alias of deployment.target.port.

Type: submodule

deployment.targetUser

Alias of deployment.target.user.

Type: submodule