diff options
| author | aszlig <aszlig@redmoonstudios.org> | 2016-04-11 12:42:20 +0200 |
|---|---|---|
| committer | aszlig <aszlig@redmoonstudios.org> | 2016-04-11 12:42:20 +0200 |
| commit | 3affead91bd15345788554bdf1157393488a514e (patch) | |
| tree | 0cc0d18b676aa864153b17ccc37ec82f56a19eb9 /nixos/modules | |
| parent | 6de94e7d2449eefccdb99100426759472e4b14a4 (diff) | |
| download | nixpkgs-3affead91bd15345788554bdf1157393488a514e.tar nixpkgs-3affead91bd15345788554bdf1157393488a514e.tar.gz nixpkgs-3affead91bd15345788554bdf1157393488a514e.tar.bz2 nixpkgs-3affead91bd15345788554bdf1157393488a514e.tar.lz nixpkgs-3affead91bd15345788554bdf1157393488a514e.tar.xz nixpkgs-3affead91bd15345788554bdf1157393488a514e.tar.zst nixpkgs-3affead91bd15345788554bdf1157393488a514e.zip | |
nixos/taskserver: Move .pki.fqdn to .fqdn
It's not necessarily related to the PKI options, because this is also used for setting the server address on the Taskwarrior client. So if someone doesn't have his/her own certificates from another CA, all options that need to be adjusted are in .pki. And if someone doesn't want to bother with getting certificates from another CA, (s)he just doesn't set anything in .pki. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/services/misc/taskserver/default.nix | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/nixos/modules/services/misc/taskserver/default.nix b/nixos/modules/services/misc/taskserver/default.nix index 063002167cf..c5c3600c1a6 100644 --- a/nixos/modules/services/misc/taskserver/default.nix +++ b/nixos/modules/services/misc/taskserver/default.nix @@ -88,8 +88,7 @@ let src = ./helper-tool.py; certtool = "${pkgs.gnutls}/bin/certtool"; inherit taskd; - inherit (cfg) dataDir user group; - inherit (cfg.pki) fqdn; + inherit (cfg) dataDir user group fqdn; }}" > "$out/main.py" cat > "$out/setup.py" <<EOF from setuptools import setup @@ -253,16 +252,16 @@ in { ''; }; - pki = { - fqdn = mkOption { - type = types.str; - default = "localhost"; - description = '' - The fully qualified domain name of this server, which is used as the - common name in the certificates. - ''; - }; + fqdn = mkOption { + type = types.str; + default = "localhost"; + description = '' + The fully qualified domain name of this server, which is also used + as the common name in the certificates. + ''; + }; + pki = { cert = mkOption { type = types.nullOr types.path; default = null; @@ -345,7 +344,7 @@ in { --outfile "${cfg.dataDir}/keys/ca.key" ${pkgs.gnutls}/bin/certtool -s \ --template "${pkgs.writeText "taskserver-ca.template" '' - cn = ${cfg.pki.fqdn} + cn = ${cfg.fqdn} cert_signing_key ca ''}" \ @@ -363,7 +362,7 @@ in { ${pkgs.gnutls}/bin/certtool -c \ --template "${pkgs.writeText "taskserver-cert.template" '' - cn = ${cfg.pki.fqdn} + cn = ${cfg.fqdn} tls_www_server encryption_key signing_key |