liminix/modules/tls-certificate/certifix-client.nix

{ liminix, certifix-client, svc, lib, writeText, serviceFns }:
{
  caCertificate,
  secret,
  subject,
  serviceUrl
}:
let
  inherit (builtins) filter isString split;
  inherit (liminix.services) oneshot;
  name = "certifix-${lib.strings.sanitizeDerivationName subject}";
  caCertFile = writeText "ca.crt" caCertificate;
  secretFile = writeText "secret" secret;
in oneshot {
  inherit name;
  up = ''
    (in_outputs ${name}
     SSL_CA_CERT_FILE=${caCertFile} ${certifix-client}/bin/certifix-client --subject ${subject} --secret ${secretFile} --key-out key --certificate-out cert ${serviceUrl}
    )
  '';
}
add module for certifix-client 2024-10-06 10:27:39 +00:00			`{ liminix, certifix-client, svc, lib, writeText, serviceFns }:`
			`{`
			`caCertificate,`
			`secret,`
			`subject,`
			`serviceUrl`
			`}:`
			`let`
			`inherit (builtins) filter isString split;`
			`inherit (liminix.services) oneshot;`
			`name = "certifix-${lib.strings.sanitizeDerivationName subject}";`
			`caCertFile = writeText "ca.crt" caCertificate;`
			`secretFile = writeText "secret" secret;`
			`in oneshot {`
			`inherit name;`
			`up = ''`
			`(in_outputs ${name}`
			`SSL_CA_CERT_FILE=${caCertFile} ${certifix-client}/bin/certifix-client --subject ${subject} --secret ${secretFile} --key-out key --certificate-out cert ${serviceUrl}`
			`)`
			`'';`
			`}`