From b19fdc9ec914ac176a9332feb59a7ca83ae0e3f5 Mon Sep 17 00:00:00 2001 From: aszlig Date: Mon, 11 Apr 2016 13:38:33 +0200 Subject: [PATCH] nixos/taskserver: Set server.crl for automatic CA Currently, we don't handle this yet, but let's set it so that we cover all the options. Signed-off-by: aszlig --- nixos/modules/services/misc/taskserver/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/misc/taskserver/default.nix b/nixos/modules/services/misc/taskserver/default.nix index 7e6e3d3873d..c81cd20b263 100644 --- a/nixos/modules/services/misc/taskserver/default.nix +++ b/nixos/modules/services/misc/taskserver/default.nix @@ -80,18 +80,19 @@ let # server server = ${cfg.listenHost}:${toString cfg.listenPort} - ${mkConfLine "server.crl" cfg.pki.server.crl} - - # certificates ${mkConfLine "trust" cfg.trust} + + # PKI options ${if needToCreateCA then '' ca.cert = ${cfg.dataDir}/keys/ca.cert server.cert = ${cfg.dataDir}/keys/server.cert server.key = ${cfg.dataDir}/keys/server.key + server.crl = ${cfg.dataDir}/keys/server.crl '' else '' ca.cert = ${cfg.pki.ca.cert} server.cert = ${cfg.pki.server.cert} server.key = ${cfg.pki.server.key} + server.crl = ${cfg.pki.server.crl} ''} '';