diff options
author | sohalt <sohalt@sohalt.net> | 2022-04-28 17:56:03 +0200 |
---|---|---|
committer | sohalt <sohalt@sohalt.net> | 2022-05-03 11:57:25 +0200 |
commit | f238aa983364b2ac8e5cfd7862b5edc19348a105 (patch) | |
tree | 6b903d94ecb7a217ba2a532c605c85f5a754eb6b /pkgs/build-support/docker | |
parent | 3ae05d648e3d0e9013e528d82bdc0b39f8742c4d (diff) | |
download | nixpkgs-f238aa983364b2ac8e5cfd7862b5edc19348a105.tar nixpkgs-f238aa983364b2ac8e5cfd7862b5edc19348a105.tar.gz nixpkgs-f238aa983364b2ac8e5cfd7862b5edc19348a105.tar.bz2 nixpkgs-f238aa983364b2ac8e5cfd7862b5edc19348a105.tar.lz nixpkgs-f238aa983364b2ac8e5cfd7862b5edc19348a105.tar.xz nixpkgs-f238aa983364b2ac8e5cfd7862b5edc19348a105.tar.zst nixpkgs-f238aa983364b2ac8e5cfd7862b5edc19348a105.zip |
dockerTools: add caCertificates helper
Various tools (e.g. wget) expect the ca bundle to be available at /etc/ssl/certs/ca-certificates.crt
Diffstat (limited to 'pkgs/build-support/docker')
-rw-r--r-- | pkgs/build-support/docker/default.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index 5a4e30ede8a..4eb88a33ade 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -773,6 +773,16 @@ rec { ln -s ${bashInteractive}/bin/bash $out/bin/sh ''; + # This provides the ca bundle in common locations + caCertificates = runCommand "ca-certificates" { } '' + # Old NixOS compatibility. + ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs/ca-bundle.crt + # NixOS canonical location + Debian/Ubuntu/Arch/Gentoo compatibility. + ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs/ca-certificates.crt + # CentOS/Fedora compatibility. + ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/etc/pki/tls/certs/ca-bundle.crt + ''; + # Build an image and populate its nix database with the provided # contents. The main purpose is to be able to use nix commands in # the container. |