Merge pull request #45567 from johanot/certmgr-rootca-patch

certmgr: Add patch for optional trust of self-signed certificates at remote cfssl apiserver
author: Franz Pletz <fpletz@fnordicwalking.de> 2019-01-30 17:37:42 +0000
committer: GitHub <noreply@github.com> 2019-01-30 17:37:42 +0000
commit: 72f324dbc76f57728c5ae20a82bda1fc195c28c5 (patch)
tree: c97e11323cd96e31ec312abedbf5b2446f86aa7e /pkgs/tools
parent: 5b622c115d132772dc9739d35561e184d3375a5d (diff)
parent: 4602b43a33a98d31f29a2928da58559444ebfdb6 (diff)
download: nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar
nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.gz
nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.bz2
nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.lz
nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.xz
nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.zst
nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.zip
1 files changed, 37 insertions, 17 deletions
diff --git a/pkgs/tools/security/certmgr/default.nix b/pkgs/tools/security/certmgr/default.nix
index fa3076e8b593..4a9cd4867da6 100644
--- a/pkgs/tools/security/certmgr/default.nix
+++ b/pkgs/tools/security/certmgr/default.nix
@@ -1,23 +1,43 @@
-{ stdenv, buildGoPackage, fetchFromGitHub }:
+{ stdenv, buildGoPackage, fetchFromGitHub, fetchpatch }:
 
-buildGoPackage rec {
-  version = "1.6.1";
-  name = "certmgr-${version}";
+let
+  generic = { patches ? [] }:
+    buildGoPackage rec {
+      version = "1.6.1";
+      name = "certmgr-${version}";
 
-  goPackagePath = "github.com/cloudflare/certmgr/";
+      goPackagePath = "github.com/cloudflare/certmgr/";
 
-  src = fetchFromGitHub {
-    owner = "cloudflare";
-    repo = "certmgr";
-    rev = "v${version}";
-    sha256 = "1ky2pw1wxrb2fxfygg50h0mid5l023x6xz9zj5754a023d01qqr2";
-  };
+      src = fetchFromGitHub {
+        owner = "cloudflare";
+        repo = "certmgr";
+        rev = "v${version}";
+        sha256 = "1ky2pw1wxrb2fxfygg50h0mid5l023x6xz9zj5754a023d01qqr2";
+      };
+
+      inherit patches;
+
+      meta = with stdenv.lib; {
+        homepage = https://cfssl.org/;
+        description = "Cloudflare's certificate manager";
+        platforms = platforms.linux;
+        license = licenses.bsd2;
+        maintainers = with maintainers; [ johanot srhb ];
+      };
+    };
+in
+{
+  certmgr = generic {};
 
-  meta = with stdenv.lib; {
-    homepage = https://cfssl.org/;
-    description = "Cloudflare's certificate manager";
-    platforms = platforms.linux;
-    license = licenses.bsd2;
-    maintainers = with maintainers; [ johanot srhb ];
+  certmgr-selfsigned = generic {
+    # The following patch makes it possible to use a self-signed x509 cert
+    # for the cfssl apiserver.
+    # TODO: remove patch when PR is merged.
+    patches = [
+      (fetchpatch {
+        url    = "https://github.com/cloudflare/certmgr/pull/51.patch";
+        sha256 = "0jhsw159d2mgybvbbn6pmvj4yqr5cwcal5fjwkcn9m4f4zlb6qrs";
+      })
+    ];
   };
 }
author	Franz Pletz <fpletz@fnordicwalking.de>	2019-01-30 17:37:42 +0000
committer	GitHub <noreply@github.com>	2019-01-30 17:37:42 +0000
commit	72f324dbc76f57728c5ae20a82bda1fc195c28c5 (patch)
tree	c97e11323cd96e31ec312abedbf5b2446f86aa7e /pkgs/tools
parent	5b622c115d132772dc9739d35561e184d3375a5d (diff)
parent	4602b43a33a98d31f29a2928da58559444ebfdb6 (diff)
download	nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.gz nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.bz2 nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.lz nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.xz nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.zst nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.zip