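# Minica can provide a CA key and cert, plus a key
# and cert for our fake CA server's Web Front End (WFE).
#
# NOTE: test fixtures only. The output directory holds the CA private key
# and the WFE private key unencrypted, and Nix store paths are
# world-readable by default, so any local user can read them. Do not trust
# this CA, or reuse these keys, outside the test harness.
#
# NOTE(review): minica presumably generates fresh key material on each
# build, which would make this derivation non-reproducible; confirm before
# relying on a stable output hash.
{
  pkgs ? import <nixpkgs> {},
  minica ? pkgs.minica,
  mkDerivation ? pkgs.stdenv.mkDerivation
}:
let
  # The domain the leaf certificate is issued for comes from the shared
  # snakeoil-certs.nix file next to this one.
  conf = import ./snakeoil-certs.nix;
  domain = conf.domain;
in mkDerivation {
  name = "test-certs";
  buildInputs = [ minica ];
  # There is no source to unpack, so only the two phases below are run.
  phases = [ "buildPhase" "installPhase" ];

  # Writes the CA pair to the paths given here; the leaf key and cert are
  # picked up from a directory named after the domain in installPhase.
  buildPhase = ''
    minica \
      --ca-key ca.key.pem \
      --ca-cert ca.cert.pem \
      --domains "${domain}"
  '';

  # Shell expansions are quoted so an unusual store path or domain value
  # cannot be word-split or glob-expanded by the builder shell.
  installPhase = ''
    mkdir -p "$out"
    mv ca.*.pem "$out"/
    mv "${domain}/key.pem" "$out/${domain}.key.pem"
    mv "${domain}/cert.pem" "$out/${domain}.cert.pem"
  '';
}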