Merge commit '83cbad92d73216bb0d9187c56cce0b91f9121d5a' into main

author: Mx Kookie <kookie@spacekookie.de> 2020-12-09 18:55:19 +0000
committer: Mx Kookie <kookie@spacekookie.de> 2020-12-09 18:55:19 +0000
commit: 80d90d9b204f7c17912740f9f414fe5d59f293ba (patch)
tree: 5f2065a06e724270610760d59d01c6888b375a46 /infra/libkookie/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix
parent: 3a31a84c7d3e589035ad08499206aac44a81f424 (diff)
parent: 83cbad92d73216bb0d9187c56cce0b91f9121d5a (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/infra/libkookie/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix b/infra/libkookie/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix
new file mode 100644
index 000000000000..cd8fe0dffca1
--- /dev/null
+++ b/infra/libkookie/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix
@@ -0,0 +1,29 @@
+# Minica can provide a CA key and cert, plus a key
+# and cert for our fake CA server's Web Front End (WFE).
+{
+  pkgs ? import <nixpkgs> {},
+  minica ? pkgs.minica,
+  mkDerivation ? pkgs.stdenv.mkDerivation
+}:
+let
+  conf = import ./snakeoil-certs.nix;
+  domain = conf.domain;
+in mkDerivation {
+  name = "test-certs";
+  buildInputs = [ minica ];
+  phases = [ "buildPhase" "installPhase" ];
+
+  buildPhase = ''
+    minica \
+      --ca-key ca.key.pem \
+      --ca-cert ca.cert.pem \
+      --domains ${domain}
+  '';
+
+  installPhase = ''
+    mkdir -p $out
+    mv ca.*.pem $out/
+    mv ${domain}/key.pem $out/${domain}.key.pem
+    mv ${domain}/cert.pem $out/${domain}.cert.pem
+  '';
+}
author	Mx Kookie <kookie@spacekookie.de>	2020-12-09 18:55:19 +0000
committer	Mx Kookie <kookie@spacekookie.de>	2020-12-09 18:55:19 +0000
commit	80d90d9b204f7c17912740f9f414fe5d59f293ba (patch)
tree	5f2065a06e724270610760d59d01c6888b375a46 /infra/libkookie/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix
parent	3a31a84c7d3e589035ad08499206aac44a81f424 (diff)
parent	83cbad92d73216bb0d9187c56cce0b91f9121d5a (diff)