diff options
author | tv <tv@krebsco.de> | 2019-04-20 18:54:58 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2019-04-20 18:54:58 +0200 |
commit | 4ba8fd95d5d4fd63acc61e9adddf771eda0fef02 (patch) | |
tree | b6452d05b928b3b56c6af2aa4b2496fdf66711fb /tv/2configs | |
parent | 7104abdb98661ba4831871112b6e03f6ee0d3c96 (diff) |
tv pki: immigrate certificate environment
Diffstat (limited to 'tv/2configs')
-rw-r--r-- | tv/2configs/default.nix | 10 | ||||
-rw-r--r-- | tv/2configs/pki/default.nix | 14 |
2 files changed, 15 insertions, 9 deletions
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index ac0a6af..4fc755c 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -17,6 +17,7 @@ with import <stockholm/lib>; ./bash ./htop.nix ./nginx + ./pki ./ssh.nix ./sshd.nix ./vim.nix @@ -91,15 +92,6 @@ with import <stockholm/lib>; } { - environment.variables = - flip genAttrs (_: "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt") [ - "CURL_CA_BUNDLE" - "GIT_SSL_CAINFO" - "SSL_CERT_FILE" - ]; - } - - { services.cron.enable = false; services.nscd.enable = false; services.ntp.enable = false; diff --git a/tv/2configs/pki/default.nix b/tv/2configs/pki/default.nix new file mode 100644 index 0000000..f22b9a6 --- /dev/null +++ b/tv/2configs/pki/default.nix @@ -0,0 +1,14 @@ +with import <stockholm/lib>; +{ config, ... }: let + + certFile = config.environment.etc."ssl/certs/ca-certificates.crt".source; + +in { + + environment.variables = flip genAttrs (_: toString certFile) [ + "CURL_CA_BUNDLE" + "GIT_SSL_CAINFO" + "SSL_CERT_FILE" + ]; + +} |