blob: 4f38ca309b05bc2507ea92a321515f9849a0839c (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
# Minica can provide a CA key and cert, plus a key
# and cert for our fake CA server's Web Front End (WFE).
{
pkgs ? import <nixpkgs> {},
minica ? pkgs.minica,
mkDerivation ? pkgs.stdenv.mkDerivation
}:
let
conf = import ./snakeoil-certs.nix;
domain = conf.domain;
in mkDerivation {
name = "test-certs";
buildInputs = [ (minica.overrideAttrs (old: {
prePatch = ''
sed -i 's_NotAfter: time.Now().AddDate(2, 0, 30),_NotAfter: time.Now().AddDate(20, 0, 0),_' main.go
'';
})) ];
dontUnpack = true;
buildPhase = ''
minica \
--ca-key ca.key.pem \
--ca-cert ca.cert.pem \
--domains ${domain}
'';
installPhase = ''
mkdir -p $out
mv ca.*.pem $out/
mv ${domain}/key.pem $out/${domain}.key.pem
mv ${domain}/cert.pem $out/${domain}.cert.pem
'';
}
|