[prev in list] [next in list] [prev in thread] [next in thread]
List: nix-dev
Subject: Re: [Nix-dev] Distributing files between machines in a nixops deployment
From: Arnold Krille <arnold () arnoldarts ! de>
Date: 2016-11-19 11:46:11
Message-ID: 20161119124611.2f65b654 () xingu ! arnoldarts ! de
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Sat, 19 Nov 2016 12:10:59 +0100 Marius Bergmann <marius@yeai.de>
wrote:
> Is it possible to declare the distribution of a file (in my case a ssh
> server/client public key) to different machines in a nixops
> deployment?
>
> I want to create a client keypair on one machine and then authorize
> the public part on several other machines in the deployment. Those
> other machines' public server keys should also be added to the
> known_hosts of the machine logging into them.
>
> I know I could create all the keypairs on the machine running nixops
> and send both the public as well as the private keys over the
> network, but I would like to find out if there's a way around it.
I think this is one of the things you don't do/want with Nix/NixOps as
this is essentially self-modifying deployment. Which makes the
deployment non-deterministic and unreproducible in the strict sense.
With deployment-/configuration-management systems that have a central
node and database, like chef and puppet can have, you can do such
things. For Nix this is counter-intuitive.
- Arnold
["signature.asc" (application/pgp-signature)]
_______________________________________________
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic