danielsiepmann/nixpkgs
danielsiepmann/nixpkgs
1
0
Code Releases Activity
nixpkgs/systems/hikari/web-development/mkcert.nix

39 lines
796 B
Nix
Raw Normal View History

First roughly version of mkcert for hikari It works, but one needs to generate them first before using them … ugly.
2023-02-05 13:32:42 +01:00
{ pkgs, lib, config, ... }:
let
Auto generate mkcert based on configured vhost domains
2023-02-05 13:56:06 +01:00
certFolder = "/var/projects/own/mkcert";
domains = builtins.concatStringsSep " " (
map (domain: "\"${domain}\"") (
builtins.attrNames config.services.httpd.virtualHosts
)
);
First roughly version of mkcert for hikari It works, but one needs to generate them first before using them … ugly.
2023-02-05 13:32:42 +01:00
custom-generate-certs = pkgs.writeShellApplication {
name = "custom-generate-certs";
runtimeInputs = [
pkgs.mkcert
];
text = ''
Auto generate mkcert based on configured vhost domains
2023-02-05 13:56:06 +01:00
mkdir -p ${certFolder}
pushd ${certFolder}
declare -a domains=(${domains})
for domain in "''${domains[@]}"
do
CAROOT="${certFolder}" mkcert "$domain"
done
First roughly version of mkcert for hikari It works, but one needs to generate them first before using them … ugly.
2023-02-05 13:32:42 +01:00
'';
};
in {
# TODO: Run once before httpd service starts?
environment.systemPackages = [
custom-generate-certs
];
security.pki.certificateFiles = [
/var/projects/own/mkcert/rootCA.pem
];
}
Copy permalink