nixos/stunnel: Fix CA files

Janne Heß 2019-10-25 15:28:44 +02:00 committed by Lassulus
parent 77a5bf5bfb
commit 4a32dbd1e1


@ -57,7 +57,13 @@ let
}; };
CAPath = mkOption { CAPath = mkOption {
type = types.path; type = types.nullOr types.path;
default = null;
description = "Path to a directory containing certificates to validate against.";
};
CAFile = mkOption {
type = types.nullOr types.path;
default = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; default = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
description = "Path to a file containing certificates to validate against."; description = "Path to a file containing certificates to validate against.";
}; };
@ -196,6 +202,7 @@ in
verifyChain = ${yesNo v.verifyChain} verifyChain = ${yesNo v.verifyChain}
verifyPeer = ${yesNo v.verifyPeer} verifyPeer = ${yesNo v.verifyPeer}
${optionalString (v.CAPath != null) "CApath = ${v.CAPath}"} ${optionalString (v.CAPath != null) "CApath = ${v.CAPath}"}
${optionalString (v.CAFile != null) "CAFile = ${v.CAFile}"}
${optionalString (v.verifyHostname != null) "checkHost = ${v.verifyHostname}"} ${optionalString (v.verifyHostname != null) "checkHost = ${v.verifyHostname}"}
OCSPaia = yes OCSPaia = yes
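Review bot: With both `CAPath` and `CAFile` now typed `types.nullOr types.path`, a client can set both to `null` while `verifyChain` or `verifyPeer` is still `yes`, and the generated service section then names no trust anchors at all. How stunnel behaves in that case is not visible from this change, so it is safer to reject it at evaluation time with a module assertion along the lines of `assertion = !(v.verifyChain || v.verifyPeer) || v.CAFile != null || v.CAPath != null;`, which would live in the module's config outside these hunks. Separately, the key emitted on the added line is spelled `CAFile` next to `CApath`; stunnel documents the option as `CAfile`, so `"CAfile = ${v.CAFile}"` would match the manual. The `CAPath` description could also mention that stunnel expects the directory to contain hash-named certificate files, as produced by `c_rehash`.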