This commit is contained in:
Freya Murphy 2023-10-04 22:34:41 -04:00
parent 74b72c7fb5
commit 72da935ae2
No known key found for this signature in database
GPG key ID: 988032A5638EE799
7 changed files with 87 additions and 3 deletions

View file

@ -21,6 +21,7 @@
(home-packages vim) (home-packages vim)
(home-packages gnome-xyz) (home-packages gnome-xyz)
(home-packages shells) (home-packages shells)
(home-packages certs)
(home-packages audio)) (home-packages audio))
@ -88,6 +89,7 @@
firefox-wayland-new firefox-wayland-new
lavanda-gtk-theme lavanda-gtk-theme
zsh-autosuggestions zsh-autosuggestions
freya-ca-certs
vim-plug))) vim-plug)))
;; Below is the list of Home services. To search for available ;; Below is the list of Home services. To search for available

View file

@ -26,6 +26,6 @@ Host github.com
User tam2214 User tam2214
IdentityFile /home/tylerm/.ssh/id_rit IdentityFile /home/tylerm/.ssh/id_rit
Host * #Host *
KexAlgorithms -sntrup761x25519-sha512@openssh.com # KexAlgorithms -sntrup761x25519-sha512@openssh.com

View file

@ -48,6 +48,10 @@ export PATH=$PATH:$LOCAL_PROFILE/bin
export CC=$(which gcc) export CC=$(which gcc)
export LD=$(which gcc) export LD=$(which gcc)
# Setup certs
export SSL_CERT_FILE=/run/current-system/profile/etc/ssl/certs/ca-certificates.crt
export SSL_CERT_DIR=/run/current-system/profile/etc/ssl/certs
# start sway only once and on the primary tty # start sway only once and on the primary tty
if [ -z "${DISPLAY}" ] && [ "${XDG_VTNR}" -eq 1 ]; then if [ -z "${DISPLAY}" ] && [ "${XDG_VTNR}" -eq 1 ]; then
# dbus-run-session Hyprland &> .log/hyprland # dbus-run-session Hyprland &> .log/hyprland

View file

@ -27,7 +27,9 @@
#:use-module (gnu services avahi) #:use-module (gnu services avahi)
#:use-module (gnu services spice) #:use-module (gnu services spice)
#:use-module (gnu services virtualization) #:use-module (gnu services virtualization)
#:use-module (home-services ntp)
#:use-module (home-packages wm) #:use-module (home-packages wm)
#:use-module (home-packages certs)
#:use-module (home-packages virtualization)) #:use-module (home-packages virtualization))
(define %my-base-packages (define %my-base-packages
@ -70,6 +72,7 @@
"sof-firmware" "sof-firmware"
"intel-microcode" "intel-microcode"
"alsa-utils" "alsa-utils"
"chrony"
"swayidle" "swayidle"
"dconf" "dconf"
"alacritty" "alacritty"
@ -121,7 +124,7 @@
"libpcap" "libpcap"
"v4l2loopback-linux-module" "v4l2loopback-linux-module"
"neovim")) "neovim"))
(list swaylock-effects-new virt-manager-new) (list swaylock-effects-new virt-manager-new freya-ca-certs)
%my-base-packages)) %my-base-packages))
;; Below is the list of system services. TO search for available ;; Below is the list of system services. TO search for available
@ -145,6 +148,7 @@
(publish? #f) ;; do not advertise this machiene (publish? #f) ;; do not advertise this machiene
(publish-workstation? #f))) ; do not advertise, I want this to be as silent as possible (publish-workstation? #f))) ; do not advertise, I want this to be as silent as possible
(service docker-service-type) (service docker-service-type)
;(service chrony-sericve-type)
(service nix-service-type) (service nix-service-type)
(service libvirt-service-type (service libvirt-service-type
(libvirt-configuration (libvirt-configuration

View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBnDCCAUKgAwIBAgIRANSS7G2uorge5TXlGr7z2qswCgYIKoZIzj0EAwIwLDEQ
MA4GA1UEChMHZnJleWFDQTEYMBYGA1UEAxMPZnJleWFDQSBSb290IENBMB4XDTIz
MTAwNDIxMzczMFoXDTMzMTAwMTIxMzczMFowLDEQMA4GA1UEChMHZnJleWFDQTEY
MBYGA1UEAxMPZnJleWFDQSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEvyoFgV7LYPyYzubVKEAmDRtp/1Fd/+/txbFBOXE0lX3EC0pPgfr2G8S7FC5P
aNv+ZxmnSSI8vLJbVofLKNu3GaNFMEMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB
/wQIMAYBAf8CAQEwHQYDVR0OBBYEFIWAMA1zgd/KEOAV/26yfuJS48O1MAoGCCqG
SM49BAMCA0gAMEUCIQDX9oivOL5hueuikrAEoiVw0jwTOOQ51zEQD1v4Xlp1RQIg
LitR7EYp6R0ejK66ZSE0cUdsF/4WbgtrlS3p/MQgDdw=
-----END CERTIFICATE-----

View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBxTCCAWqgAwIBAgIQKD7wGJ+2vQCA1+8z2waLiTAKBggqhkjOPQQDAjAsMRAw
DgYDVQQKEwdmcmV5YUNBMRgwFgYDVQQDEw9mcmV5YUNBIFJvb3QgQ0EwHhcNMjMx
MDA0MjEzNzMxWhcNMzMxMDAxMjEzNzMxWjA0MRAwDgYDVQQKEwdmcmV5YUNBMSAw
HgYDVQQDExdmcmV5YUNBIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqG
SM49AwEHA0IABAygCEQ06w0AKgqXVWCL1iX0oRqS6QEb0VY49zZimPRVmI+FdJ0O
KB4kANOJABYyFfpzoK9omJXdz6BvsFHx6c+jZjBkMA4GA1UdDwEB/wQEAwIBBjAS
BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQFRP1PrOhDg13b9m/oPHg4IAuy
KjAfBgNVHSMEGDAWgBSFgDANc4HfyhDgFf9usn7iUuPDtTAKBggqhkjOPQQDAgNJ
ADBGAiEAoY0OsXihuhxIQAx8Fp5agkE70UaOHmT5JLJhVGH7sQYCIQCzId4kEMJ8
N4/afVgJI7R5hHbcu1Wge40SSkMx1pplFA==
-----END CERTIFICATE-----

View file

@ -0,0 +1,51 @@
(define-module (home-packages certs)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix gexp)
#:use-module (guix build-system trivial)
#:use-module (guix utils)
#:use-module (guix packages)
#:use-module (gnu packages)
#:use-module (gnu packages tls)
#:use-module (gnu packages linux)
#:use-module (gnu packages base))
(define-public freya-ca-certs
(package
(name "freya-ca-certs")
(version "1")
(source (local-file "../home-config/ca-certs"
#:recursive? #t))
(build-system trivial-build-system)
(license license:mpl2.0)
(home-page "https://tylerm.dev")
(arguments
`(#:modules
((guix build utils))
#:builder
(begin
(use-modules (guix build utils)
(srfi srfi-1)
(srfi srfi-26)
(ice-9 ftw))
(let* ((ca-certificates (assoc-ref %build-inputs "source"))
(crt-suffix ".crt")
(is-certificate? (cut string-suffix? crt-suffix <>))
(certificates (filter is-certificate?
(scandir ca-certificates)))
(out (assoc-ref %outputs "out"))
(certificate-directory (string-append out "/etc/ssl/certs"))
(openssl (string-append (assoc-ref %build-inputs "openssl") "/bin/openssl")))
(mkdir-p certificate-directory)
(for-each
(lambda (cert)
(invoke
openssl "x509"
"-in" (string-append ca-certificates "/" cert)
"-outform" "PEM"
"-out" (string-append certificate-directory "/" cert ".pem")))
certificates)
#t))))
(native-inputs
(list openssl))
(synopsis "freya ca certs")
(description synopsis)))