0c0af28cd5
Let's encrypt bumped ACME to V2. We need to update our nixos test to be compatible with this new protocol version. We decided to drop the Boulder ACME server in favor of the more integration test friendly Pebble. - overriding cacert not necessary - this avoids rebuilding lots of packages needlessly - nixos/tests/acme: use pebble's ca for client tests - pebble always generates its own ca which has to be fetched TODO: write proper commit msg :)
10 lines
261 B
Nix
10 lines
261 B
Nix
{ lib, nodes, pkgs, ... }: let
|
|
letsencrypt-ca = nodes.letsencrypt.config.test-support.letsencrypt.caCert;
|
|
in {
|
|
networking.nameservers = [
|
|
nodes.letsencrypt.config.networking.primaryIPAddress
|
|
];
|
|
|
|
security.pki.certificateFiles = [ letsencrypt-ca ];
|
|
}
|