diff --git a/configs/ca.nix b/configs/ca.nix index 73ea119..9c50d7c 100644 --- a/configs/ca.nix +++ b/configs/ca.nix @@ -1,7 +1,5 @@ { config, lib, pkgs, ... }: -let - cfg = config.services.xinCA; - stepKmsPlugin = pkgs.callPackage ../pkgs/step-kms-plugin.nix { }; +let cfg = config.services.xinCA; in with lib; { options = { services.xinCA = { @@ -68,7 +66,7 @@ in with lib; { environment.sessionVariables = { STEPPATH = "/var/lib/step-ca"; }; environment.systemPackages = with pkgs; [ step-cli - stepKmsPlugin + step-kms-plugin opensc libressl ]; diff --git a/flake.nix b/flake.nix index e254e23..058bd0f 100644 --- a/flake.nix +++ b/flake.nix @@ -251,7 +251,6 @@ }; sliding-sync = pkgs.callPackage ./pkgs/sliding-sync.nix { inherit pkgs; }; - step-kms-plugin = pkgs.callPackage ./pkgs/step-kms-plugin.nix { }; tailscaleSystray = pkgs.callPackage ./pkgs/tailscale-systray.nix { inherit pkgs; }; golink = pkgs.callPackage ./pkgs/golink.nix { inherit pkgs; }; diff --git a/pkgs/step-kms-plugin.nix b/pkgs/step-kms-plugin.nix deleted file mode 100644 index b31127c..0000000 --- a/pkgs/step-kms-plugin.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ lib, buildGoModule, fetchFromGitHub, pkg-config, pcsclite, softhsm, opensc -, yubihsm-shell }: - -buildGoModule rec { - pname = "step-kms-plugin"; - version = "0.7.0"; - - src = fetchFromGitHub { - owner = "smallstep"; - repo = pname; - rev = "v${version}"; - hash = "sha256-5oMkR997ZbPpOqazpyxEvLKbak7THAu855FC6a/Tr+4="; - }; - - vendorHash = "sha256-Zd2rZez5vP9uL5dolGHO8FR0ARoYP78amcakK/lKtdc="; - - proxyVendor = true; - - nativeBuildInputs = [ pkg-config ]; - - buildInputs = [ opensc pcsclite softhsm yubihsm-shell ]; - - ldflags = [ - "-w" - "-s" - "-X github.com/smallstep/step-kms-plugin/cmd.Version=${version}" - ]; - - meta = with lib; { - description = - "step plugin to manage keys and certificates on cloud KMSs and HSMs"; - homepage = "https://smallstep.com/cli/"; - license = licenses.asl20; - maintainers = with maintainers; [ qbit ]; - mainProgram = "step-kms-plugin"; - }; -}