add cert as module
This commit is contained in:
parent
8e58ca3115
commit
33f2125268
GPG key ID:
3FD715D87D7725E0
4 changed files with 42 additions and 2 deletions
|
|
@ -110,6 +110,7 @@
|
||||||
security = {
|
security = {
|
||||||
age.enable = true;
|
age.enable = true;
|
||||||
sops.enable = true;
|
sops.enable = true;
|
||||||
|
certs.enable = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -124,8 +125,6 @@
|
||||||
age.sshKeyPaths = ["/home/sako/.ssh/id_ed25519"];
|
age.sshKeyPaths = ["/home/sako/.ssh/id_ed25519"];
|
||||||
};
|
};
|
||||||
|
|
||||||
security.pki.certificateFiles = [./trust/homelab.pem];
|
|
||||||
|
|
||||||
networking.wireguard.interfaces = {
|
networking.wireguard.interfaces = {
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
19
modules/security/certs/default.nix
Normal file
19
modules/security/certs/default.nix
Normal file
|
|
@ -0,0 +1,19 @@
|
||||||
|
{
|
||||||
|
outputs,
|
||||||
|
options,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
with lib; let
|
||||||
|
cfg = config.modules.security.certs;
|
||||||
|
in {
|
||||||
|
options.modules.security.certs = {
|
||||||
|
enable = mkEnableOption false;
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
security.pki.certificateFiles = [./trust/homelab.pem];
|
||||||
|
};
|
||||||
|
}
|
||||||
0
modules/security/certs/default.nix~
Normal file
0
modules/security/certs/default.nix~
Normal file
22
modules/security/certs/trust/homelab.pem
Normal file
22
modules/security/certs/trust/homelab.pem
Normal file
|
|
@ -0,0 +1,22 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDjTCCAnUCFHMHoQwSTvnFMmBpncLHmiB5gITGMA0GCSqGSIb3DQEBCwUAMIGC
|
||||||
|
MQswCQYDVQQGEwJBRTENMAsGA1UECAwEWm9uZTENMAsGA1UEBwwEaG9tZTERMA8G
|
||||||
|
A1UECgwIYmFzZW1lbnQxDTALBgNVBAsMBHRydWUxETAPBgNVBAMMCHNha28uYm94
|
||||||
|
MSAwHgYJKoZIhvcNAQkBFhFzYWtvQGlzc29jb29sLmNvbTAeFw0yMzA1MTMxNTIx
|
||||||
|
MzdaFw0yODA1MTExNTIxMzdaMIGCMQswCQYDVQQGEwJBRTENMAsGA1UECAwEWm9u
|
||||||
|
ZTENMAsGA1UEBwwEaG9tZTERMA8GA1UECgwIYmFzZW1lbnQxDTALBgNVBAsMBHRy
|
||||||
|
dWUxETAPBgNVBAMMCHNha28uYm94MSAwHgYJKoZIhvcNAQkBFhFzYWtvQGlzc29j
|
||||||
|
b29sLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIfsXZqAG12A
|
||||||
|
oQsMP4TU3rTFhwjprHqau7LLg9vGEWaKmmTSnBDB0gTAMahPjdUflRBPi8n/j5kS
|
||||||
|
i2MddUbLl3FE6bAqh9GZDgXk/527TBTHkp2/UpruE60yr986rFrVqf1u/gKlZtog
|
||||||
|
cPCqgGiT4WZs82ArS8jfLIOf2PeZWAUbeyWS4EWsiAv2RZLV9RRvQdUejAKa6OGT
|
||||||
|
0qogzlorpl4PRlmAVN9LSqbA94WJoVZ3XNSoy/Q5IRxzvwlcSAZw6UJbHI+h8fzO
|
||||||
|
CyIVC5OXP4QmCqEGxI9F8XTL1ys1NlonlFqKgvwn0C2xqOB/bwlZYxF04ibPlrGO
|
||||||
|
y9OGMkhE170CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAezUjdsMRGId1d/Q/uQmV
|
||||||
|
1LBdIcfmzac6p9rWR5ky0j7ukJBlOz8p6/YFmzgjCFaz8urBJ1z+H778vYkg7qih
|
||||||
|
RRIVOVZtOy7kXS+sJIMlAOSFKUXup/tG373ocVow/TZUIih37Hv9zt67DDVKlESh
|
||||||
|
/z3Ffqtnk7rKiHOBnVrczfnahCu6cnnlcszvYR2+UCXubH02cJPZfnv91aM2YQCb
|
||||||
|
DNhCMgnOSnPi3DAW/EU833mh6IKk9ZXNHdqVuEuR26qdSYg1KCeBNSvxFAh3J8VC
|
||||||
|
ZSnE2k5wzMfkGZrJT7P0q1HdQ7Zv91aqQQcxoV/ezTeXwKDNd/YRcOvWnpBtSdiH
|
||||||
|
/g==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
Loading…
Reference in a new issue