diff options
| author | Sascha Grunert <sgrunert@suse.com> | 2020-08-31 13:07:58 +0200 |
|---|---|---|
| committer | Sascha Grunert <sgrunert@suse.com> | 2020-09-10 13:07:32 +0200 |
| commit | 35f7a3347c3844dc2f41d66a6fb898d9d45d15b9 (patch) | |
| tree | 47721fbb96e326d7cd3e5f1e269d11ebb865cea6 /nixos/modules/services/cluster/kubernetes | |
| parent | 9210c8e8ed1cc33931bac44eb89d62a78f7e4a67 (diff) | |
| download | nixpkgs-35f7a3347c3844dc2f41d66a6fb898d9d45d15b9.tar nixpkgs-35f7a3347c3844dc2f41d66a6fb898d9d45d15b9.tar.gz nixpkgs-35f7a3347c3844dc2f41d66a6fb898d9d45d15b9.tar.bz2 nixpkgs-35f7a3347c3844dc2f41d66a6fb898d9d45d15b9.tar.lz nixpkgs-35f7a3347c3844dc2f41d66a6fb898d9d45d15b9.tar.xz nixpkgs-35f7a3347c3844dc2f41d66a6fb898d9d45d15b9.tar.zst nixpkgs-35f7a3347c3844dc2f41d66a6fb898d9d45d15b9.zip | |
kubernetes: fix certificate generation
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
Diffstat (limited to 'nixos/modules/services/cluster/kubernetes')
| -rw-r--r-- | nixos/modules/services/cluster/kubernetes/pki.nix | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/nixos/modules/services/cluster/kubernetes/pki.nix b/nixos/modules/services/cluster/kubernetes/pki.nix index 4275563f1a3..933ae481e96 100644 --- a/nixos/modules/services/cluster/kubernetes/pki.nix +++ b/nixos/modules/services/cluster/kubernetes/pki.nix @@ -20,7 +20,7 @@ let size = 2048; }; CN = top.masterAddress; - hosts = cfg.cfsslAPIExtraSANs; + hosts = [top.masterAddress] ++ cfg.cfsslAPIExtraSANs; }); cfsslAPITokenBaseName = "apitoken.secret"; @@ -228,7 +228,8 @@ in }; private_key = cert.privateKeyOptions; request = { - inherit (cert) CN hosts; + hosts = [cert.CN] ++ cert.hosts; + inherit (cert) CN; key = { algo = "rsa"; size = 2048; |