diff options
Diffstat (limited to 'nixpkgs/nixos/tests/common/acme/server/generate-certs.nix')
-rw-r--r-- | nixpkgs/nixos/tests/common/acme/server/generate-certs.nix | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix b/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix new file mode 100644 index 000000000000..4f38ca309b05 --- /dev/null +++ b/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix @@ -0,0 +1,33 @@ +# Minica can provide a CA key and cert, plus a key +# and cert for our fake CA server's Web Front End (WFE). +{ + pkgs ? import <nixpkgs> {}, + minica ? pkgs.minica, + mkDerivation ? pkgs.stdenv.mkDerivation +}: +let + conf = import ./snakeoil-certs.nix; + domain = conf.domain; +in mkDerivation { + name = "test-certs"; + buildInputs = [ (minica.overrideAttrs (old: { + prePatch = '' + sed -i 's_NotAfter: time.Now().AddDate(2, 0, 30),_NotAfter: time.Now().AddDate(20, 0, 0),_' main.go + ''; + })) ]; + dontUnpack = true; + + buildPhase = '' + minica \ + --ca-key ca.key.pem \ + --ca-cert ca.cert.pem \ + --domains ${domain} + ''; + + installPhase = '' + mkdir -p $out + mv ca.*.pem $out/ + mv ${domain}/key.pem $out/${domain}.key.pem + mv ${domain}/cert.pem $out/${domain}.cert.pem + ''; +} |