Lollypops options

lollypops.deployment.config-dir

Path to place the configuration on the remote host

Type: string

Default: "/var/src/lollypops"

lollypops.deployment.deploy-method

Method for copying flake to the remote. Using the default (copy) will only deploy the flake itself, while archive deploys the flake and all it’s inputs to the remote machine. This is slower when deploying from a connection with slow upload speed, but allows using inputs which are not accessible from the remote.

When using copy all inputs of the flake will be substituted or pulled from configured caches.

Type: one of “copy”, “archive”

Default: "copy"

lollypops.deployment.group

Group name for the host, used to perform actions against a group of servers

Type: string

Default: "default"

lollypops.deployment.local-evaluation

Evaluate locally instead of on the remote when rebuilding

Type: boolean

Default: false

lollypops.deployment.ssh.command

Command to run for connection to another server

Type: string

Default: "ssh"

lollypops.deployment.ssh.host

Host to deploy to

Type: string

Default: "hostname"

lollypops.deployment.ssh.opts

Options to pass to the configured SSH command

Type: list of string

Default:

[
  ""
]

Example:

[
  "-A"
]

lollypops.deployment.ssh.user

User to deploy as

Type: string

Default: "root"

lollypops.deployment.sudo.enable

Enables the use of sudo for deployment on remote servers

Type: boolean

Default: false

lollypops.deployment.sudo.command

Command to run for permission elevation

Type: string

Default: "sudo"

lollypops.deployment.sudo.opts

Options to pass to the configured sudo command

Type: list of string

Default:

[
  ""
]

Example:

[
  "--user=user"
]

lollypops.extraTasks

Extra tasks to run for the host. If any are defined with the same name as the default tasks (<literal>deploy-secrets</literal>, <literal>rebuild</literal>, <literal>deploy-flake</literal>) the original tasks will be overriden.

Type: attribute set of (submodule)

Default: { }

lollypops.extraTasks.<name>.cmds

Commands for the task.

Type: list of string

lollypops.extraTasks.<name>.deps

Dependencies for the task.

Type: list of string

Default: [ ]

lollypops.extraTasks.<name>.desc

Description for the task.

Type: string

lollypops.extraTasks.<name>.dir

Directory in which the task should run.

Type: path or string

Default: "."

lollypops.secrets.cmd-name-prefix

Prefix to prepend to all name when passing to the cmd

Type: string

Default: ""

lollypops.secrets.default-cmd

Default command to retrieve passwords. Will be passed the name as parameter

Type: string

Default: "\${pkgs.pass}/bin/pass"

lollypops.secrets.default-dir

Path to place the secrets on the remote host if no alternative is specified

Type: string

Default: "/var/src/lollypops-secrets"

lollypops.secrets.files

Attribute set specifying secrets to be deployed

Type: attribute set of (submodule)

Default: { }

lollypops.secrets.files.<name>.cmd

Command to print the secret. E.g. cat mysecretfile

Type: string

Default: "<default-cmd> <cmd-name-prefix><name>"

lollypops.secrets.files.<name>.group-name

Group of the secret file

Type: string

Default: "root"

lollypops.secrets.files.<name>.mode

Unix permission

Type: string

Default: "0400"

lollypops.secrets.files.<name>.name

Name of the secret

Type: string

Default: "<name>"

lollypops.secrets.files.<name>.owner

Owner of the secret file

Type: string

Default: "root"

lollypops.secrets.files.<name>.path

Path to place the secret file

Type: string

Default: "<default-dir>/<name>"

lollypops.tasks

The list of tasks to run for each host.

Type: list of string

Default:

[
  "deploy-flake"
  "deploy-secrets"
  "rebuild"
]