nixpkgs/systems/hikari/web-development/mkcert.nix

{ pkgs, lib, config, ... }:

let
  custom-generate-certs = pkgs.writeShellApplication {
    name = "custom-generate-certs";

    runtimeInputs = [
      pkgs.mkcert
    ];

    text = ''
      mkcert -install
      mkdir -p /var/projects/own/mkcert/
      pushd /var/projects/own/mkcert/
      # TODO: Grep from nix config
      mkcert daniel-siepmann.localhost
      mkcert mailhog.localhost
    '';
  };
in {
  # TODO: Run once before httpd service starts?
  environment.systemPackages = [
    custom-generate-certs
  ];

  security.pki.certificateFiles = [
    /var/projects/own/mkcert/rootCA.pem
  ];
}
First roughly version of mkcert for hikari It works, but one needs to generate them first before using them … ugly. 2023-02-05 13:32:42 +01:00			`{ pkgs, lib, config, ... }:`

			`let`
			`custom-generate-certs = pkgs.writeShellApplication {`
			`name = "custom-generate-certs";`

			`runtimeInputs = [`
			`pkgs.mkcert`
			`];`

			`text = ''`
			`mkcert -install`
			`mkdir -p /var/projects/own/mkcert/`
			`pushd /var/projects/own/mkcert/`
			`# TODO: Grep from nix config`
			`mkcert daniel-siepmann.localhost`
			`mkcert mailhog.localhost`
			`'';`
			`};`
			`in {`
			`# TODO: Run once before httpd service starts?`
			`environment.systemPackages = [`
			`custom-generate-certs`
			`];`

			`security.pki.certificateFiles = [`
			`/var/projects/own/mkcert/rootCA.pem`
			`];`
			`}`