On Sat, 19 Nov 2016 12:10:59 +0100 Marius Bergmann <[email protected]> wrote: > Is it possible to declare the distribution of a file (in my case a ssh > server/client public key) to different machines in a nixops > deployment? > > I want to create a client keypair on one machine and then authorize > the public part on several other machines in the deployment. Those > other machines' public server keys should also be added to the > known_hosts of the machine logging into them. > > I know I could create all the keypairs on the machine running nixops > and send both the public as well as the private keys over the > network, but I would like to find out if there's a way around it.
I think this is one of the things you don't do/want with Nix/NixOps as this is essentially self-modifying deployment. Which makes the deployment non-deterministic and unreproducible in the strict sense. With deployment-/configuration-management systems that have a central node and database, like chef and puppet can have, you can do such things. For Nix this is counter-intuitive. - Arnold
signature.asc
Description: PGP signature
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
