diff options
author | Franz Pletz <fpletz@fnordicwalking.de> | 2019-01-30 17:37:42 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-01-30 17:37:42 +0000 |
commit | 72f324dbc76f57728c5ae20a82bda1fc195c28c5 (patch) | |
tree | c97e11323cd96e31ec312abedbf5b2446f86aa7e /pkgs/tools | |
parent | 5b622c115d132772dc9739d35561e184d3375a5d (diff) | |
parent | 4602b43a33a98d31f29a2928da58559444ebfdb6 (diff) | |
download | nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.gz nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.bz2 nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.lz nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.xz nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.tar.zst nixlib-72f324dbc76f57728c5ae20a82bda1fc195c28c5.zip |
Merge pull request #45567 from johanot/certmgr-rootca-patch
certmgr: Add patch for optional trust of self-signed certificates at remote cfssl apiserver
Diffstat (limited to 'pkgs/tools')
-rw-r--r-- | pkgs/tools/security/certmgr/default.nix | 54 |
1 files changed, 37 insertions, 17 deletions
diff --git a/pkgs/tools/security/certmgr/default.nix b/pkgs/tools/security/certmgr/default.nix index fa3076e8b593..4a9cd4867da6 100644 --- a/pkgs/tools/security/certmgr/default.nix +++ b/pkgs/tools/security/certmgr/default.nix @@ -1,23 +1,43 @@ -{ stdenv, buildGoPackage, fetchFromGitHub }: +{ stdenv, buildGoPackage, fetchFromGitHub, fetchpatch }: -buildGoPackage rec { - version = "1.6.1"; - name = "certmgr-${version}"; +let + generic = { patches ? [] }: + buildGoPackage rec { + version = "1.6.1"; + name = "certmgr-${version}"; - goPackagePath = "github.com/cloudflare/certmgr/"; + goPackagePath = "github.com/cloudflare/certmgr/"; - src = fetchFromGitHub { - owner = "cloudflare"; - repo = "certmgr"; - rev = "v${version}"; - sha256 = "1ky2pw1wxrb2fxfygg50h0mid5l023x6xz9zj5754a023d01qqr2"; - }; + src = fetchFromGitHub { + owner = "cloudflare"; + repo = "certmgr"; + rev = "v${version}"; + sha256 = "1ky2pw1wxrb2fxfygg50h0mid5l023x6xz9zj5754a023d01qqr2"; + }; + + inherit patches; + + meta = with stdenv.lib; { + homepage = https://cfssl.org/; + description = "Cloudflare's certificate manager"; + platforms = platforms.linux; + license = licenses.bsd2; + maintainers = with maintainers; [ johanot srhb ]; + }; + }; +in +{ + certmgr = generic {}; - meta = with stdenv.lib; { - homepage = https://cfssl.org/; - description = "Cloudflare's certificate manager"; - platforms = platforms.linux; - license = licenses.bsd2; - maintainers = with maintainers; [ johanot srhb ]; + certmgr-selfsigned = generic { + # The following patch makes it possible to use a self-signed x509 cert + # for the cfssl apiserver. + # TODO: remove patch when PR is merged. + patches = [ + (fetchpatch { + url = "https://github.com/cloudflare/certmgr/pull/51.patch"; + sha256 = "0jhsw159d2mgybvbbn6pmvj4yqr5cwcal5fjwkcn9m4f4zlb6qrs"; + }) + ]; }; } |