summary refs log tree commit diff
path: root/nixos/tests/common/acme/server/mkcerts.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/tests/common/acme/server/mkcerts.nix')
-rw-r--r--nixos/tests/common/acme/server/mkcerts.nix68
1 files changed, 0 insertions, 68 deletions
diff --git a/nixos/tests/common/acme/server/mkcerts.nix b/nixos/tests/common/acme/server/mkcerts.nix
deleted file mode 100644
index 2474019cbac..00000000000
--- a/nixos/tests/common/acme/server/mkcerts.nix
+++ /dev/null
@@ -1,68 +0,0 @@
-{ pkgs ? import <nixpkgs> {}
-, lib ? pkgs.lib
-, domains ? [ "acme.test" ]
-}:
-
-pkgs.runCommand "acme-snakeoil-ca" {
-  nativeBuildInputs = [ pkgs.openssl ];
-} ''
-  addpem() {
-    local file="$1"; shift
-    local storeFileName="$(IFS=.; echo "$*")"
-
-    echo -n "  " >> "$out"
-
-    # Every following argument is an attribute, so let's recurse and check
-    # every attribute whether it must be quoted and write it into $out.
-    while [ -n "$1" ]; do
-      if expr match "$1" '^[a-zA-Z][a-zA-Z0-9]*$' > /dev/null; then
-        echo -n "$1" >> "$out"
-      else
-        echo -n '"' >> "$out"
-        echo -n "$1" | sed -e 's/["$]/\\&/g' >> "$out"
-        echo -n '"' >> "$out"
-      fi
-      shift
-      [ -z "$1" ] || echo -n . >> "$out"
-    done
-
-    echo " = builtins.toFile \"$storeFileName\" '''" >> "$out"
-    sed -e 's/^/    /' "$file" >> "$out"
-
-    echo "  ''';" >> "$out"
-  }
-
-  echo '# Generated via mkcert.sh in the same directory.' > "$out"
-  echo '{' >> "$out"
-
-  openssl req -newkey rsa:4096 -x509 -sha256 -days 36500 \
-    -subj '/CN=Snakeoil CA' -nodes -out ca.pem -keyout ca.key
-
-  addpem ca.key ca key
-  addpem ca.pem ca cert
-
-  ${lib.concatMapStrings (fqdn: let
-    opensslConfig = pkgs.writeText "snakeoil.cnf" ''
-      [req]
-      default_bits = 4096
-      prompt = no
-      default_md = sha256
-      req_extensions = req_ext
-      distinguished_name = dn
-      [dn]
-      CN = ${fqdn}
-      [req_ext]
-      subjectAltName = DNS:${fqdn}
-    '';
-  in ''
-    export OPENSSL_CONF=${lib.escapeShellArg opensslConfig}
-    openssl genrsa -out snakeoil.key 4096
-    openssl req -new -key snakeoil.key -out snakeoil.csr
-    openssl x509 -req -in snakeoil.csr -sha256 -set_serial 666 \
-      -CA ca.pem -CAkey ca.key -out snakeoil.pem -days 36500
-    addpem snakeoil.key ${lib.escapeShellArg fqdn} key
-    addpem snakeoil.pem ${lib.escapeShellArg fqdn} cert
-  '') domains}
-
-  echo '}' >> "$out"
-''