zfsunlock: use IP addresses + zfsunlock

2023-08-22 14:09:41 +03:00 · 2023-08-22 14:09:41 +03:00 · 407024dfa9
commit 407024dfa9
parent 5fde5a9449
3 changed files with 16 additions and 8 deletions
--- a/hosts/hel1-a/configuration.nix
+++ b/hosts/hel1-a/configuration.nix
@ -83,10 +83,12 @@

      zfsunlock = {
        enable = true;
-        targets."vno1-oh2.servers.jakst" = {
-          sshEndpoint = myData.hosts."vno1-oh2.servers.jakst".publicIP;
-          pingEndpoint = "vno1-oh2.servers.jakst";
-          remotePubkey = myData.hosts."vno1-oh2.servers.jakst".initrdPubKey;
+        targets."vno1-oh2.servers.jakst" = let
+          host = myData.hosts."vno1-oh2.servers.jakst";
+        in {
+          sshEndpoint = host.publicIP;
+          pingEndpoint = host.jakstIP;
+          remotePubkey = host.initrdPubKey;
          pwFile = config.age.secrets.zfs-passphrase-vno1-oh2.path;
          startAt = "*-*-* *:00/5:00";
        };
--- a/hosts/vno1-oh2/configuration.nix
+++ b/hosts/vno1-oh2/configuration.nix
@ -114,10 +114,12 @@

      zfsunlock = {
        enable = true;
-        targets."hel1-a.servers.jakst" = {
-          sshEndpoint = myData.hosts."hel1-a.servers.jakst".publicIP;
-          pingEndpoint = "hel1-a.servers.jakst";
-          remotePubkey = myData.hosts."hel1-a.servers.jakst".initrdPubKey;
+        targets."hel1-a.servers.jakst" = let
+          host = myData.hosts."hel1-a.servers.jakst";
+        in {
+          sshEndpoint = host.publicIP;
+          pingEndpoint = host.jakstIP;
+          remotePubkey = host.initrdPubKey;
          pwFile = config.age.secrets.zfs-passphrase-hel1-a.path;
          startAt = "*-*-* *:00/5:00";
        };
--- a/modules/services/zfsunlock/default.nix
+++ b/modules/services/zfsunlock/default.nix
@ -79,5 +79,9 @@ in {
          }
      )
      config.mj.services.zfsunlock.targets;
+
+    mj.base.unitstatus.units =
+      map (name: "zfsunlock-${name}")
+      (builtins.attrNames config.mj.services.zfsunlock.targets);
  };
 }