diff options
author | Florian Jacob <projects+git@florianjacob.de> | 2019-02-10 12:48:32 +0100 |
---|---|---|
committer | Florian Jacob <projects+git@florianjacob.de> | 2019-02-14 20:43:26 +0100 |
commit | 33b3272692868d9a746f4f703c1d917fb7b9adb6 (patch) | |
tree | 3e9427b6e0fad7bbb7adde922ecdebc47474d94e /nixos | |
parent | 482c0440acba8ba5652f32f26beab168e362c212 (diff) | |
download | nixlib-33b3272692868d9a746f4f703c1d917fb7b9adb6.tar nixlib-33b3272692868d9a746f4f703c1d917fb7b9adb6.tar.gz nixlib-33b3272692868d9a746f4f703c1d917fb7b9adb6.tar.bz2 nixlib-33b3272692868d9a746f4f703c1d917fb7b9adb6.tar.lz nixlib-33b3272692868d9a746f4f703c1d917fb7b9adb6.tar.xz nixlib-33b3272692868d9a746f4f703c1d917fb7b9adb6.tar.zst nixlib-33b3272692868d9a746f4f703c1d917fb7b9adb6.zip |
nixos/cups: Fix Unable to encrypt connection:
Unable to create server credentials by creating /var/lib/cups/ssl directory.
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/printing/cupsd.nix | 4 | ||||
-rw-r--r-- | nixos/tests/printing.nix | 2 |
2 files changed, 6 insertions, 0 deletions
diff --git a/nixos/modules/services/printing/cupsd.nix b/nixos/modules/services/printing/cupsd.nix index 1031d6f3d7e2..3a43ebbb889c 100644 --- a/nixos/modules/services/printing/cupsd.nix +++ b/nixos/modules/services/printing/cupsd.nix @@ -316,6 +316,10 @@ in mkdir -m 0755 -p ${cfg.tempDir} mkdir -m 0755 -p /var/lib/cups + # While cups will automatically create self-signed certificates if accessed via TLS, + # this directory to store the certificates needs to be created manually. + mkdir -m 0700 -p /var/lib/cups/ssl + # Backwards compatibility if [ ! -L /etc/cups ]; then mv /etc/cups/* /var/lib/cups diff --git a/nixos/tests/printing.nix b/nixos/tests/printing.nix index d85abf3c105c..7026637ead11 100644 --- a/nixos/tests/printing.nix +++ b/nixos/tests/printing.nix @@ -39,6 +39,8 @@ import ./make-test.nix ({pkgs, ... }: { $client->waitForUnit("cups.service"); $client->sleep(10); # wait until cups is fully initialized $client->succeed("lpstat -r") =~ /scheduler is running/ or die; + # check local encrypted connections work without error + $client->succeed("lpstat -E -r") =~ /scheduler is running/ or die; # Test that UNIX socket is used for connections. $client->succeed("lpstat -H") =~ "/var/run/cups/cups.sock" or die; # Test that HTTP server is available too. |