add cert as module

2023-10-08 14:46:05 +04:00 · 2023-10-08 14:46:05 +04:00 · 33f2125268
commit 33f2125268
parent 8e58ca3115
4 changed files with 42 additions and 2 deletions
--- a/hosts/sakotop/configuration.nix
+++ b/hosts/sakotop/configuration.nix
@ -110,6 +110,7 @@
    security = {
      age.enable = true;
      sops.enable = true;
+      certs.enable = true;
    };
  };

@ -124,8 +125,6 @@
    age.sshKeyPaths = ["/home/sako/.ssh/id_ed25519"];
  };

-  security.pki.certificateFiles = [./trust/homelab.pem];
-
  networking.wireguard.interfaces = {
  };

--- a/modules/security/certs/default.nix
+++ b/modules/security/certs/default.nix
@ -0,0 +1,19 @@
+{
+  outputs,
+  options,
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib; let
+  cfg = config.modules.security.certs;
+in {
+  options.modules.security.certs = {
+    enable = mkEnableOption false;
+  };
+
+  config = mkIf cfg.enable {
+    security.pki.certificateFiles = [./trust/homelab.pem];
+  };
+}
--- a/modules/security/certs/default.nix~
+++ b/modules/security/certs/default.nix~
--- a/modules/security/certs/trust/homelab.pem
+++ b/modules/security/certs/trust/homelab.pem
@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDjTCCAnUCFHMHoQwSTvnFMmBpncLHmiB5gITGMA0GCSqGSIb3DQEBCwUAMIGC
+MQswCQYDVQQGEwJBRTENMAsGA1UECAwEWm9uZTENMAsGA1UEBwwEaG9tZTERMA8G
+A1UECgwIYmFzZW1lbnQxDTALBgNVBAsMBHRydWUxETAPBgNVBAMMCHNha28uYm94
+MSAwHgYJKoZIhvcNAQkBFhFzYWtvQGlzc29jb29sLmNvbTAeFw0yMzA1MTMxNTIx
+MzdaFw0yODA1MTExNTIxMzdaMIGCMQswCQYDVQQGEwJBRTENMAsGA1UECAwEWm9u
+ZTENMAsGA1UEBwwEaG9tZTERMA8GA1UECgwIYmFzZW1lbnQxDTALBgNVBAsMBHRy
+dWUxETAPBgNVBAMMCHNha28uYm94MSAwHgYJKoZIhvcNAQkBFhFzYWtvQGlzc29j
+b29sLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIfsXZqAG12A
+oQsMP4TU3rTFhwjprHqau7LLg9vGEWaKmmTSnBDB0gTAMahPjdUflRBPi8n/j5kS
+i2MddUbLl3FE6bAqh9GZDgXk/527TBTHkp2/UpruE60yr986rFrVqf1u/gKlZtog
+cPCqgGiT4WZs82ArS8jfLIOf2PeZWAUbeyWS4EWsiAv2RZLV9RRvQdUejAKa6OGT
+0qogzlorpl4PRlmAVN9LSqbA94WJoVZ3XNSoy/Q5IRxzvwlcSAZw6UJbHI+h8fzO
+CyIVC5OXP4QmCqEGxI9F8XTL1ys1NlonlFqKgvwn0C2xqOB/bwlZYxF04ibPlrGO
+y9OGMkhE170CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAezUjdsMRGId1d/Q/uQmV
+1LBdIcfmzac6p9rWR5ky0j7ukJBlOz8p6/YFmzgjCFaz8urBJ1z+H778vYkg7qih
+RRIVOVZtOy7kXS+sJIMlAOSFKUXup/tG373ocVow/TZUIih37Hv9zt67DDVKlESh
+/z3Ffqtnk7rKiHOBnVrczfnahCu6cnnlcszvYR2+UCXubH02cJPZfnv91aM2YQCb
+DNhCMgnOSnPi3DAW/EU833mh6IKk9ZXNHdqVuEuR26qdSYg1KCeBNSvxFAh3J8VC
+ZSnE2k5wzMfkGZrJT7P0q1HdQ7Zv91aqQQcxoV/ezTeXwKDNd/YRcOvWnpBtSdiH
+/g==
+-----END CERTIFICATE-----