diff options
Diffstat (limited to 'nixos/tests/common/acme/server/generate-certs.nix')
-rw-r--r-- | nixos/tests/common/acme/server/generate-certs.nix | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/nixos/tests/common/acme/server/generate-certs.nix b/nixos/tests/common/acme/server/generate-certs.nix new file mode 100644 index 000000000000..cd8fe0dffca1 --- /dev/null +++ b/nixos/tests/common/acme/server/generate-certs.nix @@ -0,0 +1,29 @@ +# Minica can provide a CA key and cert, plus a key +# and cert for our fake CA server's Web Front End (WFE). +{ + pkgs ? import <nixpkgs> {}, + minica ? pkgs.minica, + mkDerivation ? pkgs.stdenv.mkDerivation +}: +let + conf = import ./snakeoil-certs.nix; + domain = conf.domain; +in mkDerivation { + name = "test-certs"; + buildInputs = [ minica ]; + phases = [ "buildPhase" "installPhase" ]; + + buildPhase = '' + minica \ + --ca-key ca.key.pem \ + --ca-cert ca.cert.pem \ + --domains ${domain} + ''; + + installPhase = '' + mkdir -p $out + mv ca.*.pem $out/ + mv ${domain}/key.pem $out/${domain}.key.pem + mv ${domain}/cert.pem $out/${domain}.cert.pem + ''; +} |