{ lib, config, pkgs, ... }:
let
{ lib, config, pkgs, ... }:
let
mkActvationScript = name: cert-cfg:
let
pem-path = "${cert-cfg.dir}/${name}.pem";
key-path = "${cert-cfg.dir}/${name}.key";
in {
name = "make-cert-${name}";
mkActvationScript = name: cert-cfg:
let
pem-path = "${cert-cfg.dir}/${name}.pem";
key-path = "${cert-cfg.dir}/${name}.key";
in {
name = "make-cert-${name}";
if [[ ! -e ${escapeShellArg pem-path} ]];then
${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg cert-cfg.dir}
${pkgs.openssl}/bin/openssl req -batch -x509 -newkey rsa:4096 \
if [[ ! -e ${escapeShellArg pem-path} ]];then
${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg cert-cfg.dir}
${pkgs.openssl}/bin/openssl req -batch -x509 -newkey rsa:4096 \
'' + lib.optionalString cert-cfg.print ''
echo Public certificate for ${escapeShellArg name}: >&2
${pkgs.coreutils}/bin/cat ${escapeShellArg pem-path} >&2
'' + lib.optionalString cert-cfg.print ''
echo Public certificate for ${escapeShellArg name}: >&2
${pkgs.coreutils}/bin/cat ${escapeShellArg pem-path} >&2
projects / nixos-make-certs / commitdiff