aboutsummaryrefslogtreecommitdiff
path: root/infra/libkookie/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix
diff options
context:
space:
mode:
Diffstat (limited to 'infra/libkookie/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix')
-rw-r--r--infra/libkookie/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix29
1 files changed, 29 insertions, 0 deletions
diff --git a/infra/libkookie/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix b/infra/libkookie/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix
new file mode 100644
index 000000000000..cd8fe0dffca1
--- /dev/null
+++ b/infra/libkookie/nixpkgs/nixos/tests/common/acme/server/generate-certs.nix
@@ -0,0 +1,29 @@
+# Minica can provide a CA key and cert, plus a key
+# and cert for our fake CA server's Web Front End (WFE).
+{
+ pkgs ? import <nixpkgs> {},
+ minica ? pkgs.minica,
+ mkDerivation ? pkgs.stdenv.mkDerivation
+}:
+let
+ conf = import ./snakeoil-certs.nix;
+ domain = conf.domain;
+in mkDerivation {
+ name = "test-certs";
+ buildInputs = [ minica ];
+ phases = [ "buildPhase" "installPhase" ];
+
+ buildPhase = ''
+ minica \
+ --ca-key ca.key.pem \
+ --ca-cert ca.cert.pem \
+ --domains ${domain}
+ '';
+
+ installPhase = ''
+ mkdir -p $out
+ mv ca.*.pem $out/
+ mv ${domain}/key.pem $out/${domain}.key.pem
+ mv ${domain}/cert.pem $out/${domain}.cert.pem
+ '';
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 13:43:53 +0000