freyaCA
This commit is contained in:
parent
74b72c7fb5
commit
72da935ae2
7 changed files with 87 additions and 3 deletions
|
|
@ -21,6 +21,7 @@
|
||||||
(home-packages vim)
|
(home-packages vim)
|
||||||
(home-packages gnome-xyz)
|
(home-packages gnome-xyz)
|
||||||
(home-packages shells)
|
(home-packages shells)
|
||||||
|
(home-packages certs)
|
||||||
(home-packages audio))
|
(home-packages audio))
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -88,6 +89,7 @@
|
||||||
firefox-wayland-new
|
firefox-wayland-new
|
||||||
lavanda-gtk-theme
|
lavanda-gtk-theme
|
||||||
zsh-autosuggestions
|
zsh-autosuggestions
|
||||||
|
freya-ca-certs
|
||||||
vim-plug)))
|
vim-plug)))
|
||||||
|
|
||||||
;; Below is the list of Home services. To search for available
|
;; Below is the list of Home services. To search for available
|
||||||
|
|
|
||||||
|
|
@ -26,6 +26,6 @@ Host github.com
|
||||||
User tam2214
|
User tam2214
|
||||||
IdentityFile /home/tylerm/.ssh/id_rit
|
IdentityFile /home/tylerm/.ssh/id_rit
|
||||||
|
|
||||||
Host *
|
#Host *
|
||||||
KexAlgorithms -sntrup761x25519-sha512@openssh.com
|
# KexAlgorithms -sntrup761x25519-sha512@openssh.com
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -48,6 +48,10 @@ export PATH=$PATH:$LOCAL_PROFILE/bin
|
||||||
export CC=$(which gcc)
|
export CC=$(which gcc)
|
||||||
export LD=$(which gcc)
|
export LD=$(which gcc)
|
||||||
|
|
||||||
|
# Setup certs
|
||||||
|
export SSL_CERT_FILE=/run/current-system/profile/etc/ssl/certs/ca-certificates.crt
|
||||||
|
export SSL_CERT_DIR=/run/current-system/profile/etc/ssl/certs
|
||||||
|
|
||||||
# start sway only once and on the primary tty
|
# start sway only once and on the primary tty
|
||||||
if [ -z "${DISPLAY}" ] && [ "${XDG_VTNR}" -eq 1 ]; then
|
if [ -z "${DISPLAY}" ] && [ "${XDG_VTNR}" -eq 1 ]; then
|
||||||
# dbus-run-session Hyprland &> .log/hyprland
|
# dbus-run-session Hyprland &> .log/hyprland
|
||||||
|
|
|
||||||
|
|
@ -27,7 +27,9 @@
|
||||||
#:use-module (gnu services avahi)
|
#:use-module (gnu services avahi)
|
||||||
#:use-module (gnu services spice)
|
#:use-module (gnu services spice)
|
||||||
#:use-module (gnu services virtualization)
|
#:use-module (gnu services virtualization)
|
||||||
|
#:use-module (home-services ntp)
|
||||||
#:use-module (home-packages wm)
|
#:use-module (home-packages wm)
|
||||||
|
#:use-module (home-packages certs)
|
||||||
#:use-module (home-packages virtualization))
|
#:use-module (home-packages virtualization))
|
||||||
|
|
||||||
(define %my-base-packages
|
(define %my-base-packages
|
||||||
|
|
@ -70,6 +72,7 @@
|
||||||
"sof-firmware"
|
"sof-firmware"
|
||||||
"intel-microcode"
|
"intel-microcode"
|
||||||
"alsa-utils"
|
"alsa-utils"
|
||||||
|
"chrony"
|
||||||
"swayidle"
|
"swayidle"
|
||||||
"dconf"
|
"dconf"
|
||||||
"alacritty"
|
"alacritty"
|
||||||
|
|
@ -121,7 +124,7 @@
|
||||||
"libpcap"
|
"libpcap"
|
||||||
"v4l2loopback-linux-module"
|
"v4l2loopback-linux-module"
|
||||||
"neovim"))
|
"neovim"))
|
||||||
(list swaylock-effects-new virt-manager-new)
|
(list swaylock-effects-new virt-manager-new freya-ca-certs)
|
||||||
%my-base-packages))
|
%my-base-packages))
|
||||||
|
|
||||||
;; Below is the list of system services. TO search for available
|
;; Below is the list of system services. TO search for available
|
||||||
|
|
@ -145,6 +148,7 @@
|
||||||
(publish? #f) ;; do not advertise this machiene
|
(publish? #f) ;; do not advertise this machiene
|
||||||
(publish-workstation? #f))) ; do not advertise, I want this to be as silent as possible
|
(publish-workstation? #f))) ; do not advertise, I want this to be as silent as possible
|
||||||
(service docker-service-type)
|
(service docker-service-type)
|
||||||
|
;(service chrony-sericve-type)
|
||||||
(service nix-service-type)
|
(service nix-service-type)
|
||||||
(service libvirt-service-type
|
(service libvirt-service-type
|
||||||
(libvirt-configuration
|
(libvirt-configuration
|
||||||
|
|
|
||||||
11
modules/home-config/ca-certs/freya_ca.crt
Normal file
11
modules/home-config/ca-certs/freya_ca.crt
Normal file
|
|
@ -0,0 +1,11 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIBnDCCAUKgAwIBAgIRANSS7G2uorge5TXlGr7z2qswCgYIKoZIzj0EAwIwLDEQ
|
||||||
|
MA4GA1UEChMHZnJleWFDQTEYMBYGA1UEAxMPZnJleWFDQSBSb290IENBMB4XDTIz
|
||||||
|
MTAwNDIxMzczMFoXDTMzMTAwMTIxMzczMFowLDEQMA4GA1UEChMHZnJleWFDQTEY
|
||||||
|
MBYGA1UEAxMPZnJleWFDQSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
|
||||||
|
QgAEvyoFgV7LYPyYzubVKEAmDRtp/1Fd/+/txbFBOXE0lX3EC0pPgfr2G8S7FC5P
|
||||||
|
aNv+ZxmnSSI8vLJbVofLKNu3GaNFMEMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB
|
||||||
|
/wQIMAYBAf8CAQEwHQYDVR0OBBYEFIWAMA1zgd/KEOAV/26yfuJS48O1MAoGCCqG
|
||||||
|
SM49BAMCA0gAMEUCIQDX9oivOL5hueuikrAEoiVw0jwTOOQ51zEQD1v4Xlp1RQIg
|
||||||
|
LitR7EYp6R0ejK66ZSE0cUdsF/4WbgtrlS3p/MQgDdw=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
12
modules/home-config/ca-certs/freya_intermediate.crt
Normal file
12
modules/home-config/ca-certs/freya_intermediate.crt
Normal file
|
|
@ -0,0 +1,12 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIBxTCCAWqgAwIBAgIQKD7wGJ+2vQCA1+8z2waLiTAKBggqhkjOPQQDAjAsMRAw
|
||||||
|
DgYDVQQKEwdmcmV5YUNBMRgwFgYDVQQDEw9mcmV5YUNBIFJvb3QgQ0EwHhcNMjMx
|
||||||
|
MDA0MjEzNzMxWhcNMzMxMDAxMjEzNzMxWjA0MRAwDgYDVQQKEwdmcmV5YUNBMSAw
|
||||||
|
HgYDVQQDExdmcmV5YUNBIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqG
|
||||||
|
SM49AwEHA0IABAygCEQ06w0AKgqXVWCL1iX0oRqS6QEb0VY49zZimPRVmI+FdJ0O
|
||||||
|
KB4kANOJABYyFfpzoK9omJXdz6BvsFHx6c+jZjBkMA4GA1UdDwEB/wQEAwIBBjAS
|
||||||
|
BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQFRP1PrOhDg13b9m/oPHg4IAuy
|
||||||
|
KjAfBgNVHSMEGDAWgBSFgDANc4HfyhDgFf9usn7iUuPDtTAKBggqhkjOPQQDAgNJ
|
||||||
|
ADBGAiEAoY0OsXihuhxIQAx8Fp5agkE70UaOHmT5JLJhVGH7sQYCIQCzId4kEMJ8
|
||||||
|
N4/afVgJI7R5hHbcu1Wge40SSkMx1pplFA==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
51
modules/home-packages/certs.scm
Normal file
51
modules/home-packages/certs.scm
Normal file
|
|
@ -0,0 +1,51 @@
|
||||||
|
(define-module (home-packages certs)
|
||||||
|
#:use-module ((guix licenses) #:prefix license:)
|
||||||
|
#:use-module (guix gexp)
|
||||||
|
#:use-module (guix build-system trivial)
|
||||||
|
#:use-module (guix utils)
|
||||||
|
#:use-module (guix packages)
|
||||||
|
#:use-module (gnu packages)
|
||||||
|
#:use-module (gnu packages tls)
|
||||||
|
#:use-module (gnu packages linux)
|
||||||
|
#:use-module (gnu packages base))
|
||||||
|
|
||||||
|
(define-public freya-ca-certs
|
||||||
|
(package
|
||||||
|
(name "freya-ca-certs")
|
||||||
|
(version "1")
|
||||||
|
(source (local-file "../home-config/ca-certs"
|
||||||
|
#:recursive? #t))
|
||||||
|
(build-system trivial-build-system)
|
||||||
|
(license license:mpl2.0)
|
||||||
|
(home-page "https://tylerm.dev")
|
||||||
|
(arguments
|
||||||
|
`(#:modules
|
||||||
|
((guix build utils))
|
||||||
|
#:builder
|
||||||
|
(begin
|
||||||
|
(use-modules (guix build utils)
|
||||||
|
(srfi srfi-1)
|
||||||
|
(srfi srfi-26)
|
||||||
|
(ice-9 ftw))
|
||||||
|
(let* ((ca-certificates (assoc-ref %build-inputs "source"))
|
||||||
|
(crt-suffix ".crt")
|
||||||
|
(is-certificate? (cut string-suffix? crt-suffix <>))
|
||||||
|
(certificates (filter is-certificate?
|
||||||
|
(scandir ca-certificates)))
|
||||||
|
(out (assoc-ref %outputs "out"))
|
||||||
|
(certificate-directory (string-append out "/etc/ssl/certs"))
|
||||||
|
(openssl (string-append (assoc-ref %build-inputs "openssl") "/bin/openssl")))
|
||||||
|
(mkdir-p certificate-directory)
|
||||||
|
(for-each
|
||||||
|
(lambda (cert)
|
||||||
|
(invoke
|
||||||
|
openssl "x509"
|
||||||
|
"-in" (string-append ca-certificates "/" cert)
|
||||||
|
"-outform" "PEM"
|
||||||
|
"-out" (string-append certificate-directory "/" cert ".pem")))
|
||||||
|
certificates)
|
||||||
|
#t))))
|
||||||
|
(native-inputs
|
||||||
|
(list openssl))
|
||||||
|
(synopsis "freya ca certs")
|
||||||
|
(description synopsis)))
|
||||||
Loading…
Reference in a new issue