authorJanne Heß <janne@hess.ooo>2019-10-25 15:28:44 +0200
committerLassulus <github@lassul.us>2019-10-25 16:19:57 +0200
commit4a32dbd1e103ead7f022d623ca6aed37268c17f2 (patch)
treec3015a387667381ab48574aa0950f5929cba9185 /nixos/modules/services/networking/stunnel.nix
parent77a5bf5bfbacafbafbe2fc7657246ba8557f65ca (diff)
nixos/stunnel: Fix CA files
Diffstat (limited to 'nixos/modules/services/networking/stunnel.nix')
-rw-r--r--nixos/modules/services/networking/stunnel.nix9
1 files changed, 8 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/stunnel.nix b/nixos/modules/services/networking/stunnel.nix
index cbc899f2b4d7..da950a23e693 100644
--- a/nixos/modules/services/networking/stunnel.nix
+++ b/nixos/modules/services/networking/stunnel.nix
@@ -57,7 +57,13 @@ let
       };
 
       CAPath = mkOption {
-        type = types.path;
+        type = types.nullOr types.path;
+        default = null;
+        description = "Path to a directory containing certificates to validate against.";
+      };
+
+      CAFile = mkOption {
+        type = types.nullOr types.path;
         default = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
         description = "Path to a file containing certificates to validate against.";
       };
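Review bot: The `CAPath` and `CAFile` descriptions in this hunk do not say what `null` means or how much trust the `CAFile` default grants. That default is the public `pkgs.cacert` bundle, and the `checkHost` line in the second hunk is emitted only when `verifyHostname` is set, so with `verifyChain` on and `verifyHostname` left `null` a certificate issued by any public CA would presumably be accepted. I would spell that out, e.g. `description = "Path to a file of CA certificates to validate against. The default trusts every CA in pkgs.cacert; set verifyHostname or point this at a private CA to bind the peer identity. null omits the option.";`. For `CAPath` it is worth adding that stunnel expects OpenSSL hashed file names (`XXXXXXXX.0`) in that directory and that `null` omits the option. The enclosing option set starts and ends outside the hunk, so I cannot see whether an assertion already rejects both being `null` while verification is enabled.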
@@ -196,6 +202,7 @@ in
                verifyChain = ${yesNo v.verifyChain}
                verifyPeer = ${yesNo v.verifyPeer}
                ${optionalString (v.CAPath != null) "CApath = ${v.CAPath}"}
+               ${optionalString (v.CAFile != null) "CAFile = ${v.CAFile}"}
                ${optionalString (v.verifyHostname != null) "checkHost = ${v.verifyHostname}"}
                OCSPaia = yes