felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-05-02 04:33:15 +02:00
Code Issues Projects Releases Wiki Activity

Run shellcheck

Browse Source
This commit is contained in:
Felix Albrigtsen
2026-02-08 12:10:53 +01:00
committed by h7x4
parent eee7e9ad7b
commit 2a062a6031
6 changed files with 44 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
modules/snakeoil-certs.nix
View File

@@ -51,24 +51,24 @@ in
script = let
openssl = lib.getExe pkgs.openssl;
in lib.concatMapStringsSep "\n" ({ name, value }: ''
mkdir -p $(dirname "${value.certificate}") $(dirname "${value.certificateKey}")
if ! ${openssl} x509 -checkend 86400 -noout -in ${value.certificate}
mkdir -p "$(dirname '${value.certificate}')" "$(dirname '${value.certificateKey}')"
if ! ${openssl} x509 -checkend 86400 -noout -in '${value.certificate}'
then
echo "Regenerating '${value.certificate}'"
${openssl} req \
-newkey rsa:4096 \
-new -x509 \
-days "${toString value.daysValid}" \
-days '${toString value.daysValid}' \
-nodes \
-subj "${value.subject}" \
-out "${value.certificate}" \
-keyout "${value.certificateKey}" \
-subj '${value.subject}' \
-out '${value.certificate}' \
-keyout '${value.certificateKey}' \
${lib.escapeShellArgs value.extraOpenSSLArgs}
fi
chown "${value.owner}:${value.group}" "${value.certificate}"
chown "${value.owner}:${value.group}" "${value.certificateKey}"
chmod "${value.mode}" "${value.certificate}"
chmod "${value.mode}" "${value.certificateKey}"
chown '${value.owner}:${value.group}' '${value.certificate}'
chown '${value.owner}:${value.group}' '${value.certificateKey}'
chmod '${value.mode}' '${value.certificate}'
chmod '${value.mode}' '${value.certificateKey}'
echo "\n-----------------\n"
'') (lib.attrsToList cfg);