summary refs log tree commit diff
path: root/nixos/modules/services/misc
diff options
context:
space:
mode:
authoraszlig <aszlig@redmoonstudios.org>2016-04-12 06:19:59 +0200
committeraszlig <aszlig@redmoonstudios.org>2016-04-12 06:19:59 +0200
commitdd0d64afea9f184e4408016ed1413e2284cc67a2 (patch)
tree621e31860e61aa9d9ea7d0ed5445dcab7bf38348 /nixos/modules/services/misc
parente2383b84f88e0e7d35f6a3a846b54c69e3bee6ee (diff)
downloadnixpkgs-dd0d64afea9f184e4408016ed1413e2284cc67a2.tar
nixpkgs-dd0d64afea9f184e4408016ed1413e2284cc67a2.tar.gz
nixpkgs-dd0d64afea9f184e4408016ed1413e2284cc67a2.tar.bz2
nixpkgs-dd0d64afea9f184e4408016ed1413e2284cc67a2.tar.lz
nixpkgs-dd0d64afea9f184e4408016ed1413e2284cc67a2.tar.xz
nixpkgs-dd0d64afea9f184e4408016ed1413e2284cc67a2.tar.zst
nixpkgs-dd0d64afea9f184e4408016ed1413e2284cc67a2.zip
nixos/taskserver: Finish module documentation
Apart from the options manual, this should cover the basics for setting
up a Taskserver. I am not a native speaker so this can and (probably)
should be improved, especially the wording/grammar.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Diffstat (limited to 'nixos/modules/services/misc')
-rw-r--r--nixos/modules/services/misc/taskserver/doc.xml96
1 files changed, 94 insertions, 2 deletions
diff --git a/nixos/modules/services/misc/taskserver/doc.xml b/nixos/modules/services/misc/taskserver/doc.xml
index b41747872c6..15125b1411b 100644
--- a/nixos/modules/services/misc/taskserver/doc.xml
+++ b/nixos/modules/services/misc/taskserver/doc.xml
@@ -32,7 +32,7 @@
     <para>
       So in order to make it easier to handle your own CA, there is a helper
       tool called <command>nixos-taskserver</command> which manages the custom
-      CA along with Taskserver users and groups.
+      CA along with Taskserver organisations, users and groups.
     </para>
 
     <para>
@@ -46,7 +46,99 @@
       along with the UUID of the user, so it handles all of the credentials
       needed in order to setup the Taskwarrior client to work with a Taskserver.
     </para>
+  </section>
+
+  <section>
+    <title>The nixos-taskserver tool</title>
+
+    <para>
+      Because Taskserver by default only provides scripts to setup users
+      imperatively, the <command>nixos-taskserver</command> tool is used for
+      addition and deletion of organisations along with users and groups defined
+      by <option>services.taskserver.organisations</option> and as well for
+      imperative set up.
+    </para>
+
+    <para>
+      The tool is designed to not interfere if the command is used to manually
+      set up some organisations, users or groups.
+    </para>
+
+    <para>
+      For example if you add a new organisation using
+      <command>nixos-taskserver org add foo</command>, the organisation is not
+      modified and deleted no matter what you define in
+      <option>services.taskserver.organisations</option>, even if you're adding
+      the same organisation in that option.
+    </para>
+
+    <para>
+      The tool is modelled to imitate the official <command>taskd</command>
+      command, documentation for each subcommand can be shown by using the
+      <option>--help</option> switch.
+    </para>
+  </section>
+  <section>
+    <title>Declarative/automatic CA management</title>
+
+    <para>
+      Everything is done according to what you specify in the module options,
+      however in order to set up a Taskwarrior client for synchronisation with a
+      Taskserver instance, you have to transfer the keys and certificates to the
+      client machine.
+    </para>
 
-    <!-- TODO: Go more into the details of nixos-taskserver. -->
+    <para>
+      This is done using
+      <command>nixos-taskserver user export $orgname $username</command> which
+      is printing a shell script fragment to stdout which can either be used
+      verbatim or adjusted to import the user on the client machine.
+    </para>
+
+    <para>
+      For example, let's say you have the following configuration:
+<screen>
+{
+  services.taskserver.enable = true;
+  services.taskserver.fqdn = "server";
+  services.taskserver.listenHost = "::";
+  services.taskserver.organisations.NixOS.users = [ "alice" ];
+}
+</screen>
+      This creates an organisation called <literal>NixOS</literal> with the user
+      <literal>alice</literal>.
+    </para>
+
+    <para>
+      Now in order to import the <literal>alice</literal> user to another
+      machine <literal>alicebox</literal>, all we need to do is something like
+      this:
+<screen>
+$ ssh server nixos-taskserver user export NixOS alice | sh
+</screen>
+      Of course, if no SSH daemon is available on the server you can also copy
+      &amp; paste it directly into a shell.
+    </para>
+
+    <para>
+      After this step the user should be set up and you can start synchronising
+      your tasks for the first time with <command>task sync init</command> on
+      <literal>alicebox</literal>.
+    </para>
+
+    <para>
+      Subsequent synchronisation requests merely require the command
+      <command>task sync</command> after that stage.
+    </para>
+  </section>
+  <section>
+    <title>Manual CA management</title>
+
+    <para>
+      If you set any options within
+      <option>service.taskserver.pki.manual.*</option>, the automatic user and
+      CA management by the <command>nixos-taskserver</command> is disabled and
+      you need to create certificates and keys by yourself.
+    </para>
   </section>
 </chapter>
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-30 18:19:06 +0000