Use cacert from nixpkgs for CURL_CA_BUNDLE

This commit is contained in:
jhonas 2022-11-27 21:30:47 +01:00
parent 9a89b3eeae
commit 341aa68b66
Signed by: teutat3s
GPG key ID: 924889A86D0B0FEB
2 changed files with 5 additions and 7 deletions

View file

@ -1,13 +1,12 @@
{ pkgs, caCertVersion, ... }: { pkgs, ... }:
pkgs.stdenv.mkDerivation { pkgs.stdenv.mkDerivation {
pname = "triton-utils"; pname = "triton-utils";
version = caCertVersion; version = "0.0.7";
src = pkgs.lib.cleanSource ./.; src = pkgs.lib.cleanSource ./.;
installPhase = '' installPhase = ''
mkdir -p $out/bin $out/share/certs mkdir -p $out/bin
cd ./utils cd ./utils
cp ./cacert-${caCertVersion}.pem $out/share/certs
cp ./ttp.sh $out/bin cp ./ttp.sh $out/bin
cp ./unset-env.sh $out/bin cp ./unset-env.sh $out/bin
''; '';

View file

@ -5,7 +5,6 @@ let
dataCenters = tritonConfig.dataCenters; dataCenters = tritonConfig.dataCenters;
mantaDomain = tritonConfig.mantaDomain; mantaDomain = tritonConfig.mantaDomain;
tritonApiDomain = tritonConfig.tritonApiDomain; tritonApiDomain = tritonConfig.tritonApiDomain;
caCertVersion = "2022-10-11";
in in
{ {
# devshell docs: https://numtide.github.io/devshell/modules_schema.html # devshell docs: https://numtide.github.io/devshell/modules_schema.html
@ -65,7 +64,7 @@ in
# see overlay.nix # see overlay.nix
docker-compose_1 docker-compose_1
# shell scripts and utilities to set and unset triton environment variables # shell scripts and utilities to set and unset triton environment variables
self.packages.${system}.triton-utils { inherit caCertVersion; } self.packages.${system}.triton-utils
self.packages.${system}.triton-docker-env self.packages.${system}.triton-docker-env
# useful for working with JSON data # useful for working with JSON data
bunyan-rs bunyan-rs
@ -78,7 +77,7 @@ in
# see: https://github.com/joyent/triton-docker-cli/issues/17 # see: https://github.com/joyent/triton-docker-cli/issues/17
{ {
name = "CURL_CA_BUNDLE"; name = "CURL_CA_BUNDLE";
value = "${self.packages.${system}.triton-utils}/share/certs/cacert-${caCertVersion}.pem"; value = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
} }
{ {
name = "CONSUL_HTTP_ADDR"; name = "CONSUL_HTTP_ADDR";