krebs types.secret-file: owner-name -> owner :: user

3 files changed, 16 insertions, 3 deletions

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index df1c7db63..7a343d333 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -104,6 +104,13 @@ let
         retiolum = "hosts";
       };
 
+      krebs.users.root = {
+        home = "/root";
+        name = "root";
+        pubkey = config.krebs.build.host.ssh.pubkey;
+        uid = 0;
+      };
+
       networking.extraHosts = concatStringsSep "\n" (flatten (
         mapAttrsToList (hostname: host:
           mapAttrsToList (netname: net:
diff --git a/krebs/3modules/secret.nix b/krebs/3modules/secret.nix
index 46802a661..579f375f3 100644
--- a/krebs/3modules/secret.nix
+++ b/krebs/3modules/secret.nix
@@ -25,7 +25,7 @@ in {
                   --compare \
                   --verbose \
                   --mode=${shell.escape file.mode} \
-                  --owner=${shell.escape file.owner-name} \
+                  --owner=${shell.escape file.owner.name} \
                   --group=${shell.escape file.group-name} \
                   ${shell.escape file.source-path} \
                   ${shell.escape file.path} \
diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix
index 422627296..7792b31d5 100644
--- a/krebs/4lib/types.nix
+++ b/krebs/4lib/types.nix
@@ -147,8 +147,14 @@ types // rec {
     options = {
       path = mkOption { type = str; };
       mode = mkOption { type = str; default = "0400"; };
-      owner-name = mkOption { type = str; default = "root"; };
-      group-name = mkOption { type = str; default = "root"; };
+      owner = mkOption {
+        type = user;
+        default = config.krebs.users.root;
+      };
+      group-name = mkOption {
+        type = str;
+        default = "root";
+      };
       source-path = mkOption {
         type = str;
         default = toString <secrets> + "/${config._module.args.name}";