diff options
author | Christian Albrecht <christian.albrecht@mayflower.de> | 2019-03-11 10:47:58 +0100 |
---|---|---|
committer | Christian Albrecht <christian.albrecht@mayflower.de> | 2019-03-11 12:22:31 +0100 |
commit | 8ab50cb239e4aaeb88c372171a79f1fd874dfe50 (patch) | |
tree | 9d1e3fdab8a5882e480644037cc1a958c8d1d7a8 /nixos/modules/services/cluster/kubernetes/pki.nix | |
parent | ee9dd4386a061594ad69ff5a3a683f899f9f8c93 (diff) | |
download | nixpkgs-8ab50cb239e4aaeb88c372171a79f1fd874dfe50.tar nixpkgs-8ab50cb239e4aaeb88c372171a79f1fd874dfe50.tar.gz nixpkgs-8ab50cb239e4aaeb88c372171a79f1fd874dfe50.tar.bz2 nixpkgs-8ab50cb239e4aaeb88c372171a79f1fd874dfe50.tar.lz nixpkgs-8ab50cb239e4aaeb88c372171a79f1fd874dfe50.tar.xz nixpkgs-8ab50cb239e4aaeb88c372171a79f1fd874dfe50.tar.zst nixpkgs-8ab50cb239e4aaeb88c372171a79f1fd874dfe50.zip |
Cleanup pki: apiserver and etcd
Diffstat (limited to 'nixos/modules/services/cluster/kubernetes/pki.nix')
-rw-r--r-- | nixos/modules/services/cluster/kubernetes/pki.nix | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/nixos/modules/services/cluster/kubernetes/pki.nix b/nixos/modules/services/cluster/kubernetes/pki.nix index 90b40dd4c1f..85e1fc9671c 100644 --- a/nixos/modules/services/cluster/kubernetes/pki.nix +++ b/nixos/modules/services/cluster/kubernetes/pki.nix @@ -124,23 +124,6 @@ in top.caFile certmgrAPITokenPath ]; - apiserverPaths = [ - top.apiserver.clientCaFile - top.apiserver.etcd.caFile - top.apiserver.etcd.certFile - top.apiserver.etcd.keyFile - top.apiserver.kubeletClientCaFile - top.apiserver.kubeletClientCertFile - top.apiserver.kubeletClientKeyFile - top.apiserver.serviceAccountKeyFile - top.apiserver.tlsCertFile - top.apiserver.tlsKeyFile - ]; - etcdPaths = [ - config.services.etcd.certFile - config.services.etcd.keyFile - config.services.etcd.trustedCaFile - ]; flannelPaths = [ cfg.certs.flannelClient.cert cfg.certs.flannelClient.key @@ -412,30 +395,6 @@ in 127.0.0.1 etcd.${top.addons.dns.clusterDomain} etcd.local ''; - systemd.services.kube-apiserver = mkIf top.apiserver.enable { - unitConfig.ConditionPathExists = apiserverPaths; - }; - - systemd.paths.kube-apiserver = mkIf top.apiserver.enable { - wantedBy = [ "kube-apiserver.service" ]; - pathConfig = { - PathExists = apiserverPaths; - PathChanged = apiserverPaths; - }; - }; - - systemd.services.etcd = mkIf top.apiserver.enable { - unitConfig.ConditionPathExists = etcdPaths; - }; - - systemd.paths.etcd = mkIf top.apiserver.enable { - wantedBy = [ "etcd.service" ]; - pathConfig = { - PathExists = etcdPaths; - PathChanged = etcdPaths; - }; - }; - services.flannel = with cfg.certs.flannelClient; { kubeconfig = top.lib.mkKubeConfig "flannel" { server = top.apiserverAddress; |