ca: install step-cli and set ENV var to point to configs

Aaron Bieber 2023-02-11 05:44:22 -07:00
parent a2b0137d99
commit 571050d966
No known key found for this signature in database


@ -22,12 +22,6 @@ with lib; {
owner = config.xinCA.user;
sopsFile = config.xin-secrets.cert_authority;
};
"ca.json" = {
mode = "400";
owner = config.xinCA.user;
sopsFile = config.xin-secrets.cert_authority;
path = "/var/lib/step-ca/config/ca.json";
};
"defaults.json" = {
mode = "400";
owner = config.xinCA.user;
@ -62,6 +56,10 @@ with lib; {
networking.hosts = { "127.0.0.1" = [ "ca.bolddaemon.com" ]; };
environment.systemPackages = with pkgs; [ step-cli ];
environment.sessionVariables = { STEPPATH = "/var/lib/step-ca"; };
services.step-ca = {
enable = true;
intermediatePasswordFile = "${config.sops.secrets.ca_password.path}";