From fbd485cd86c7e9984819357398f912a2d5510845 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 12 Sep 2023 12:56:39 +0200
Subject: tv: emigrate

---
 tv/2configs/pki/default.nix | 68 ---------------------------------------------
 1 file changed, 68 deletions(-)
 delete mode 100644 tv/2configs/pki/default.nix

(limited to 'tv/2configs/pki/default.nix')

diff --git a/tv/2configs/pki/default.nix b/tv/2configs/pki/default.nix
deleted file mode 100644
index 415755b16..000000000
--- a/tv/2configs/pki/default.nix
+++ /dev/null
@@ -1,68 +0,0 @@
-with import ./lib;
-{ config, pkgs, ... }: let
-
-  certFile = config.environment.etc."ssl/certs/ca-certificates.crt".source;
-
-in {
-
-  environment.etc."pki/nssdb".source =
-    pkgs.runCommand "system-wide-nssdb" {
-      inherit certFile;
-      buildInputs = [
-        pkgs.jq
-        pkgs.nssTools
-      ];
-      parseInfoScript = /* jq */ ''
-        ${toJSON certFile} as $certFile |
-
-        split("\t-----END CERTIFICATE-----\n")[] |
-        select(test("\t-----BEGIN CERTIFICATE-----\n")) |
-        . + "\t-----END CERTIFICATE-----\n" |
-
-        sub("^([0-9]+\t\n)*";"") |
-
-        (match("^([0-9]+)\t").captures[0].string | tonumber) as $lineNumber |
-
-        gsub("(?m)^[0-9]+\t";"") |
-
-        match("^([^\n]+)\n(.*)";"m").captures | map(.string) |
-
-        # Line numbers are added to the names to ensure uniqueness.
-        "\(.[0]) (\($certFile):\($lineNumber))" as $name |
-        .[1] as $cert |
-
-        { $name, $cert }
-      '';
-      passAsFile = [
-        "parseInfoScript"
-      ];
-    } /* sh */ ''
-      mkdir nssdb
-
-      nl -ba -w1 "$certFile" |
-      jq -ceRs -f "$parseInfoScriptPath" > certinfo.ndjson
-
-      exec < certinfo.ndjson
-      while read -r certinfo; do
-        name=$(printf %s "$certinfo" | jq -er .name)
-        cert=$(printf %s "$certinfo" | jq -er .cert)
-
-        printf %s "$cert" | certutil -A -d nssdb -n "$name" -t C,C,C
-      done
-
-      mv nssdb "$out"
-    '';
-
-  environment.variables = flip genAttrs (_: toString certFile) [
-    "CURL_CA_BUNDLE"
-    "GIT_SSL_CAINFO"
-    "SSL_CERT_FILE"
-  ];
-
-  security.pki.certificateFiles =
-    mapAttrsToList
-      (name: const (./certs + "/${name}"))
-      (filterAttrs (const (eq "regular"))
-                   (readDir ./certs));
-
-}
-- 
cgit v1.2.3