diff options
Diffstat (limited to 'pkgs/tools/networking/easyrsa/default.nix')
-rw-r--r-- | pkgs/tools/networking/easyrsa/default.nix | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/pkgs/tools/networking/easyrsa/default.nix b/pkgs/tools/networking/easyrsa/default.nix index 740a9935ca35..1591bff41c8f 100644 --- a/pkgs/tools/networking/easyrsa/default.nix +++ b/pkgs/tools/networking/easyrsa/default.nix @@ -8,10 +8,11 @@ stdenv.mkDerivation rec { owner = "OpenVPN"; repo = "easy-rsa"; rev = "v${version}"; - sha256 = "sha256-zdVcT04nj7eE1a6M7WHeWpwG/TVTwyK+WgD70XwPXfY="; + hash = "sha256-zdVcT04nj7eE1a6M7WHeWpwG/TVTwyK+WgD70XwPXfY="; }; nativeBuildInputs = [ makeWrapper ]; + nativeInstallCheckInputs = [ openssl.bin ]; installPhase = '' mkdir -p $out/share/easy-rsa @@ -26,7 +27,7 @@ stdenv.mkDerivation rec { # Wrap it with the correct OpenSSL binary. wrapProgram $out/bin/easyrsa \ - --set EASYRSA_OPENSSL ${openssl.bin}/bin/openssl + --set-default EASYRSA_OPENSSL ${openssl.bin}/bin/openssl # Helper utility cat > $out/bin/easyrsa-init <<EOF @@ -36,6 +37,21 @@ stdenv.mkDerivation rec { chmod +x $out/bin/easyrsa-init ''; + doInstallCheck = true; + postInstallCheck = '' + set -euo pipefail + export EASYRSA_BATCH=1 + export EASYRSA_PASSIN=pass:nixpkgs + export EASYRSA_PASSOUT="$EASYRSA_PASSIN" + export EASYRSA_REQ_CN='nixpkgs test CA' + export EASYRSA_KEY_SIZE=3072 + export EASYRSA_ALGO=rsa + export EASYRSA_DIGEST=sha512 + $out/bin/easyrsa init-pki + $out/bin/easyrsa build-ca + openssl x509 -in pki/ca.crt -noout -subject | tee /dev/stderr | grep -zq "$EASYRSA_REQ_CN" + ''; + meta = with lib; { description = "Simple shell based CA utility"; homepage = "https://openvpn.net/"; |