blob: 798a749f7f9b7c40fac0af127d8f2cfaa56f92bb (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
{ lib, nodes, ... }: {
networking.nameservers = [
nodes.letsencrypt.config.networking.primaryIPAddress
];
nixpkgs.overlays = lib.singleton (self: super: {
cacert = super.cacert.overrideDerivation (drv: {
installPhase = (drv.installPhase or "") + ''
cat "${nodes.letsencrypt.config.test-support.letsencrypt.caCert}" \
>> "$out/etc/ssl/certs/ca-bundle.crt"
'';
});
# Override certifi so that it accepts fake certificate for Let's Encrypt
# Need to override the attribute used by simp_le, which is python3Packages
python3Packages = (super.python3.override {
packageOverrides = lib.const (pysuper: {
certifi = pysuper.certifi.overridePythonAttrs (attrs: {
postPatch = (attrs.postPatch or "") + ''
cat "${self.cacert}/etc/ssl/certs/ca-bundle.crt" \
> certifi/cacert.pem
'';
});
});
}).pkgs;
});
}
|