diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2010-01-20 14:22:47 +0000 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2010-01-20 14:22:47 +0000 |
commit | 8a6346e4774910348fcbe149f2b2892556518bf5 (patch) | |
tree | e0c8f8228b132ce3fc13a1ae6fb7ec0e953c7271 /modules | |
parent | 6502806689113c1a12b944be2695664ea7e7f26a (diff) | |
download | nixpkgs-8a6346e4774910348fcbe149f2b2892556518bf5.tar nixpkgs-8a6346e4774910348fcbe149f2b2892556518bf5.tar.gz nixpkgs-8a6346e4774910348fcbe149f2b2892556518bf5.tar.bz2 nixpkgs-8a6346e4774910348fcbe149f2b2892556518bf5.tar.lz nixpkgs-8a6346e4774910348fcbe149f2b2892556518bf5.tar.xz nixpkgs-8a6346e4774910348fcbe149f2b2892556518bf5.tar.zst nixpkgs-8a6346e4774910348fcbe149f2b2892556518bf5.zip |
* Provide a bundle of CA certificates in /etc/ca-bundle.crt, and set
the CURL_CA_BUNDLE environment variable. This allows curl to work without the `-k' flag on https sites with a properly signed certificate. svn path=/nixos/trunk/; revision=19572
Diffstat (limited to 'modules')
-rw-r--r-- | modules/module-list.nix | 1 | ||||
-rw-r--r-- | modules/security/ca.nix | 21 |
2 files changed, 22 insertions, 0 deletions
diff --git a/modules/module-list.nix b/modules/module-list.nix index d140f7ad335..e51237f1ca0 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -31,6 +31,7 @@ ./programs/ssh.nix ./programs/ssmtp.nix ./rename.nix + ./security/ca.nix ./security/consolekit.nix ./security/pam.nix ./security/pam_usb.nix diff --git a/modules/security/ca.nix b/modules/security/ca.nix new file mode 100644 index 00000000000..efa32f5e8f3 --- /dev/null +++ b/modules/security/ca.nix @@ -0,0 +1,21 @@ +{ config, pkgs, ... }: + +with pkgs.lib; + +{ + + config = { + + environment.etc = singleton + { source = "${pkgs.cacert}/etc/ca-bundle.crt"; + target = "ca-bundle.crt"; + }; + + environment.shellInit = + '' + export CURL_CA_BUNDLE=/etc/ca-bundle.crt + ''; + + }; + +} |