Add internal CA
All checks were successful
Run nix flake check / flake-check (push) Successful in 3m31s
All checks were successful
Run nix flake check / flake-check (push) Successful in 3m31s
This commit is contained in:
@@ -4,6 +4,7 @@
|
||||
./monitoring.nix
|
||||
./packages.nix
|
||||
./root-user.nix
|
||||
./root-ca.nix
|
||||
./sops.nix
|
||||
./sshd.nix
|
||||
./weekly-rebuild.nix
|
||||
|
||||
12
system/root-ca.crt
Normal file
12
system/root-ca.crt
Normal file
@@ -0,0 +1,12 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIBxDCCAWmgAwIBAgIQQCSzuOLIKLj1dGbC+NFttjAKBggqhkjOPQQDAjBAMRow
|
||||
GAYDVQQKExFob21lLjJyanVzLm5ldCBDQTEiMCAGA1UEAxMZaG9tZS4ycmp1cy5u
|
||||
ZXQgQ0EgUm9vdCBDQTAeFw0yNDEwMjEwOTEyNDRaFw0zNDEwMTkwOTEyNDRaMEAx
|
||||
GjAYBgNVBAoTEWhvbWUuMnJqdXMubmV0IENBMSIwIAYDVQQDExlob21lLjJyanVz
|
||||
Lm5ldCBDQSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGDE4ss9y
|
||||
9msphQ/Sa/tAoEaGoDHQcg5oRcxWL5SZYjUPNl+zbRZzqkvCz2S1XrHJPiPWbyJX
|
||||
cZAlPxbwZrWDyKNFMEMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
|
||||
AQEwHQYDVR0OBBYEFPZx6AahX5diBMChZbv5N4dh+vCTMAoGCCqGSM49BAMCA0kA
|
||||
MEYCIQC6yqMM9/s1Dct5jlq0NAGsDA68hVTDcO3RP61lxQlfBwIhAL1jlmIwaSJc
|
||||
TjdIMjPQ3ombBRqDJBDvDr8o6oOUjret
|
||||
-----END CERTIFICATE-----
|
||||
9
system/root-ca.nix
Normal file
9
system/root-ca.nix
Normal file
@@ -0,0 +1,9 @@
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
security.pki = {
|
||||
certificateFiles = [
|
||||
"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||
./root-ca.crt
|
||||
];
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user