aboutsummaryrefslogtreecommitdiff
path: root/nixpkgs/nixos/tests/common/acme/server/mkcerts.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/nixos/tests/common/acme/server/mkcerts.nix')
-rw-r--r--nixpkgs/nixos/tests/common/acme/server/mkcerts.nix68
1 files changed, 0 insertions, 68 deletions
diff --git a/nixpkgs/nixos/tests/common/acme/server/mkcerts.nix b/nixpkgs/nixos/tests/common/acme/server/mkcerts.nix
deleted file mode 100644
index 2474019cbac..00000000000
--- a/nixpkgs/nixos/tests/common/acme/server/mkcerts.nix
+++ /dev/null
@@ -1,68 +0,0 @@
-{ pkgs ? import <nixpkgs> {}
-, lib ? pkgs.lib
-, domains ? [ "acme.test" ]
-}:
-
-pkgs.runCommand "acme-snakeoil-ca" {
- nativeBuildInputs = [ pkgs.openssl ];
-} ''
- addpem() {
- local file="$1"; shift
- local storeFileName="$(IFS=.; echo "$*")"
-
- echo -n " " >> "$out"
-
- # Every following argument is an attribute, so let's recurse and check
- # every attribute whether it must be quoted and write it into $out.
- while [ -n "$1" ]; do
- if expr match "$1" '^[a-zA-Z][a-zA-Z0-9]*$' > /dev/null; then
- echo -n "$1" >> "$out"
- else
- echo -n '"' >> "$out"
- echo -n "$1" | sed -e 's/["$]/\\&/g' >> "$out"
- echo -n '"' >> "$out"
- fi
- shift
- [ -z "$1" ] || echo -n . >> "$out"
- done
-
- echo " = builtins.toFile \"$storeFileName\" '''" >> "$out"
- sed -e 's/^/ /' "$file" >> "$out"
-
- echo " ''';" >> "$out"
- }
-
- echo '# Generated via mkcert.sh in the same directory.' > "$out"
- echo '{' >> "$out"
-
- openssl req -newkey rsa:4096 -x509 -sha256 -days 36500 \
- -subj '/CN=Snakeoil CA' -nodes -out ca.pem -keyout ca.key
-
- addpem ca.key ca key
- addpem ca.pem ca cert
-
- ${lib.concatMapStrings (fqdn: let
- opensslConfig = pkgs.writeText "snakeoil.cnf" ''
- [req]
- default_bits = 4096
- prompt = no
- default_md = sha256
- req_extensions = req_ext
- distinguished_name = dn
- [dn]
- CN = ${fqdn}
- [req_ext]
- subjectAltName = DNS:${fqdn}
- '';
- in ''
- export OPENSSL_CONF=${lib.escapeShellArg opensslConfig}
- openssl genrsa -out snakeoil.key 4096
- openssl req -new -key snakeoil.key -out snakeoil.csr
- openssl x509 -req -in snakeoil.csr -sha256 -set_serial 666 \
- -CA ca.pem -CAkey ca.key -out snakeoil.pem -days 36500
- addpem snakeoil.key ${lib.escapeShellArg fqdn} key
- addpem snakeoil.pem ${lib.escapeShellArg fqdn} cert
- '') domains}
-
- echo '}' >> "$out"
-''
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 09:44:44 +0000