Prefer File in option names over Path

2026-03-22 20:09:07 +01:00 · 2026-02-24 13:27:24 +01:00 · 2026-02-24 13:27:24 +01:00 · ef2b10f22c
commit ef2b10f22c
parent ff6db45c0e
6 changed files with 18 additions and 18 deletions
--- a/modules/home/programs/ssh.nix
+++ b/modules/home/programs/ssh.nix
@ -8,7 +8,7 @@
 {
  options.custom.programs.ssh = {
    enable = lib.mkEnableOption "";
-    publicKeyPath = lib.mkOption {
+    publicKeyFile = lib.mkOption {
      type = lib.types.path;
      default = "${self}/users/${config.home.username}/@${osConfig.networking.hostName}/keys/ssh.pub";
    };
--- a/modules/system/services/nebula/default.nix
+++ b/modules/system/services/nebula/default.nix
@ -27,19 +27,19 @@ in
        ++ lib.optional config.custom.services.syncthing.enable "syncthing";
    };

-    caCertificatePath = lib.mkOption {
+    caCertificateFile = lib.mkOption {
      type = lib.types.path;
      default = ./ca.crt;
    };
-    publicKeyPath = lib.mkOption {
+    publicKeyFile = lib.mkOption {
      type = lib.types.path;
      default = "${self}/hosts/${netCfg.hostName}/keys/nebula.pub";
    };
-    certificatePath = lib.mkOption {
+    certificateFile = lib.mkOption {
      type = lib.types.path;
      default = "${self}/hosts/${netCfg.hostName}/keys/nebula.crt";
    };
-    privateKeyPath = lib.mkOption {
+    privateKeyFile = lib.mkOption {
      type = lib.types.nullOr lib.types.path;
      default = null;
    };
@ -51,19 +51,19 @@ in
      message = "`${netCfg.hostName}` is a Nebula lighthouse, but `underlay.isPublic` is not set. Lighthouses must be publicly reachable.";
    };

-    sops.secrets."nebula/host-key" = lib.mkIf (cfg.privateKeyPath == null) {
+    sops.secrets."nebula/host-key" = lib.mkIf (cfg.privateKeyFile == null) {
      owner = config.users.users.nebula-mesh.name;
      restartUnits = [ "nebula@mesh.service" ];
    };

    environment.etc = {
      "nebula/ca.crt" = {
-        source = cfg.caCertificatePath;
+        source = cfg.caCertificateFile;
        mode = "0440";
        user = config.systemd.services."nebula@mesh".serviceConfig.User;
      };
      "nebula/host.crt" = {
-        source = cfg.certificatePath;
+        source = cfg.certificateFile;
        mode = "0440";
        user = config.systemd.services."nebula@mesh".serviceConfig.User;
      };
@ -75,8 +75,8 @@ in
      ca = "/etc/nebula/ca.crt";
      cert = "/etc/nebula/host.crt";
      key =
-        if (cfg.privateKeyPath != null) then
-          cfg.privateKeyPath
+        if (cfg.privateKeyFile != null) then
+          cfg.privateKeyFile
        else
          config.sops.secrets."nebula/host-key".path;

--- a/modules/system/services/sshd.nix
+++ b/modules/system/services/sshd.nix
@ -47,6 +47,6 @@ in
      |> lib.filter (host: host.config |> lib.hasAttr "home-manager")
      |> lib.map (host: host.config.home-manager.users.seb.custom.programs.ssh)
      |> lib.filter (ssh: ssh.enable)
-      |> lib.map (ssh: ssh.publicKeyPath);
+      |> lib.map (ssh: ssh.publicKeyFile);
  };
 }