diff options
author | Jörg Thalheim <Mic92@users.noreply.github.com> | 2022-08-16 05:24:01 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-08-16 05:24:01 +0100 |
commit | 7a8a3dfd8be272ed772a4ba540cb319fb3b59157 (patch) | |
tree | 350ebb742a1ecd4228d5a69c625fc1b6adca357f /nixos/modules | |
parent | de15315a14eca6f65aeca3ad4f4ccae4b03a0506 (diff) | |
parent | 2856eb20469aec5de5aec8fa464f82a07888d92a (diff) |
Merge pull request #181939 from Mic92/vault-2
vault: fix assertions when raft backend is used
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/services/security/vault.nix | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/nixos/modules/services/security/vault.nix b/nixos/modules/services/security/vault.nix index ef9829630296d..c471bf01869b7 100644 --- a/nixos/modules/services/security/vault.nix +++ b/nixos/modules/services/security/vault.nix @@ -104,9 +104,9 @@ in storagePath = mkOption { type = types.nullOr types.path; - default = if cfg.storageBackend == "file" then "/var/lib/vault" else null; + default = if cfg.storageBackend == "file" || cfg.storageBackend == "raft" then "/var/lib/vault" else null; defaultText = literalExpression '' - if config.${opt.storageBackend} == "file" + if config.${opt.storageBackend} == "file" || cfg.storageBackend == "raft" then "/var/lib/vault" else null ''; @@ -172,11 +172,16 @@ in config = mkIf cfg.enable { assertions = [ - { assertion = cfg.storageBackend == "inmem" -> (cfg.storagePath == null && cfg.storageConfig == null); + { + assertion = cfg.storageBackend == "inmem" -> (cfg.storagePath == null && cfg.storageConfig == null); message = ''The "inmem" storage expects no services.vault.storagePath nor services.vault.storageConfig''; } - { assertion = (cfg.storageBackend == "file" -> (cfg.storagePath != null && cfg.storageConfig == null)) && (cfg.storagePath != null -> cfg.storageBackend == "file"); - message = ''You must set services.vault.storagePath only when using the "file" backend''; + { + assertion = ( + (cfg.storageBackend == "file" -> (cfg.storagePath != null && cfg.storageConfig == null)) && + (cfg.storagePath != null -> (cfg.storageBackend == "file" || cfg.storageBackend == "raft")) + ); + message = ''You must set services.vault.storagePath only when using the "file" or "raft" backend''; } ]; |