add cert as module

This commit is contained in:
Sakooooo 2023-10-08 14:46:05 +04:00
parent 8e58ca3115
commit 33f2125268
Signed by: sako
GPG key ID: 3FD715D87D7725E0
4 changed files with 42 additions and 2 deletions

View file

@ -110,6 +110,7 @@
security = {
age.enable = true;
sops.enable = true;
certs.enable = true;
};
};
@ -124,8 +125,6 @@
age.sshKeyPaths = ["/home/sako/.ssh/id_ed25519"];
};
security.pki.certificateFiles = [./trust/homelab.pem];
networking.wireguard.interfaces = {
};

View file

@ -0,0 +1,19 @@
{
outputs,
options,
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.modules.security.certs;
in {
options.modules.security.certs = {
enable = mkEnableOption false;
};
config = mkIf cfg.enable {
security.pki.certificateFiles = [./trust/homelab.pem];
};
}

View file

View file

@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDjTCCAnUCFHMHoQwSTvnFMmBpncLHmiB5gITGMA0GCSqGSIb3DQEBCwUAMIGC
MQswCQYDVQQGEwJBRTENMAsGA1UECAwEWm9uZTENMAsGA1UEBwwEaG9tZTERMA8G
A1UECgwIYmFzZW1lbnQxDTALBgNVBAsMBHRydWUxETAPBgNVBAMMCHNha28uYm94
MSAwHgYJKoZIhvcNAQkBFhFzYWtvQGlzc29jb29sLmNvbTAeFw0yMzA1MTMxNTIx
MzdaFw0yODA1MTExNTIxMzdaMIGCMQswCQYDVQQGEwJBRTENMAsGA1UECAwEWm9u
ZTENMAsGA1UEBwwEaG9tZTERMA8GA1UECgwIYmFzZW1lbnQxDTALBgNVBAsMBHRy
dWUxETAPBgNVBAMMCHNha28uYm94MSAwHgYJKoZIhvcNAQkBFhFzYWtvQGlzc29j
b29sLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIfsXZqAG12A
oQsMP4TU3rTFhwjprHqau7LLg9vGEWaKmmTSnBDB0gTAMahPjdUflRBPi8n/j5kS
i2MddUbLl3FE6bAqh9GZDgXk/527TBTHkp2/UpruE60yr986rFrVqf1u/gKlZtog
cPCqgGiT4WZs82ArS8jfLIOf2PeZWAUbeyWS4EWsiAv2RZLV9RRvQdUejAKa6OGT
0qogzlorpl4PRlmAVN9LSqbA94WJoVZ3XNSoy/Q5IRxzvwlcSAZw6UJbHI+h8fzO
CyIVC5OXP4QmCqEGxI9F8XTL1ys1NlonlFqKgvwn0C2xqOB/bwlZYxF04ibPlrGO
y9OGMkhE170CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAezUjdsMRGId1d/Q/uQmV
1LBdIcfmzac6p9rWR5ky0j7ukJBlOz8p6/YFmzgjCFaz8urBJ1z+H778vYkg7qih
RRIVOVZtOy7kXS+sJIMlAOSFKUXup/tG373ocVow/TZUIih37Hv9zt67DDVKlESh
/z3Ffqtnk7rKiHOBnVrczfnahCu6cnnlcszvYR2+UCXubH02cJPZfnv91aM2YQCb
DNhCMgnOSnPi3DAW/EU833mh6IKk9ZXNHdqVuEuR26qdSYg1KCeBNSvxFAh3J8VC
ZSnE2k5wzMfkGZrJT7P0q1HdQ7Zv91aqQQcxoV/ezTeXwKDNd/YRcOvWnpBtSdiH
/g==
-----END CERTIFICATE-----