diff options
author | Franz Pletz <fpletz@fnordicwalking.de> | 2019-01-30 17:37:42 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-01-30 17:37:42 +0000 |
commit | 72f324dbc76f57728c5ae20a82bda1fc195c28c5 (patch) | |
tree | c97e11323cd96e31ec312abedbf5b2446f86aa7e /nixos/modules/services/security | |
parent | 5b622c115d132772dc9739d35561e184d3375a5d (diff) | |
parent | 4602b43a33a98d31f29a2928da58559444ebfdb6 (diff) | |
download | nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.gz nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.bz2 nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.lz nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.xz nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.zst nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.zip |
Merge pull request #45567 from johanot/certmgr-rootca-patch
certmgr: Add patch for optional trust of self-signed certificates at remote cfssl apiserver
Diffstat (limited to 'nixos/modules/services/security')
-rw-r--r-- | nixos/modules/services/security/certmgr.nix | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/nixos/modules/services/security/certmgr.nix b/nixos/modules/services/security/certmgr.nix index 22d5817ec4f0..e89078883ebe 100644 --- a/nixos/modules/services/security/certmgr.nix +++ b/nixos/modules/services/security/certmgr.nix @@ -30,13 +30,20 @@ let preStart = '' ${concatStringsSep " \\\n" (["mkdir -p"] ++ map escapeShellArg specPaths)} - ${pkgs.certmgr}/bin/certmgr -f ${certmgrYaml} check + ${cfg.package}/bin/certmgr -f ${certmgrYaml} check ''; in { options.services.certmgr = { enable = mkEnableOption "certmgr"; + package = mkOption { + type = types.package; + default = pkgs.certmgr; + defaultText = "pkgs.certmgr"; + description = "Which certmgr package to use in the service."; + }; + defaultRemote = mkOption { type = types.str; default = "127.0.0.1:8888"; @@ -187,7 +194,7 @@ in serviceConfig = { Restart = "always"; RestartSec = "10s"; - ExecStart = "${pkgs.certmgr}/bin/certmgr -f ${certmgrYaml}"; + ExecStart = "${cfg.package}/bin/certmgr -f ${certmgrYaml}"; }; }; }; |