diff options
Diffstat (limited to 'nixos/modules/security/ca.nix')
-rw-r--r-- | nixos/modules/security/ca.nix | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/nixos/modules/security/ca.nix b/nixos/modules/security/ca.nix new file mode 100644 index 000000000000..2e93fb36b450 --- /dev/null +++ b/nixos/modules/security/ca.nix @@ -0,0 +1,26 @@ +{ config, pkgs, ... }: + +with pkgs.lib; + +{ + + config = { + + environment.etc = + [ { source = "${pkgs.cacert}/etc/ca-bundle.crt"; + target = "ssl/certs/ca-bundle.crt"; + } + + # Backward compatibility; may remove at some point. + { source = "${pkgs.cacert}/etc/ca-bundle.crt"; + target = "ca-bundle.crt"; + } + ]; + + environment.variables.OPENSSL_X509_CERT_FILE = "/etc/ssl/certs/ca-bundle.crt"; + environment.variables.CURL_CA_BUNDLE = "/etc/ssl/certs/ca-bundle.crt"; + environment.variables.GIT_SSL_CAINFO = "/etc/ssl/certs/ca-bundle.crt"; + + }; + +} |