nixpkgs/nixos
Lucas Savva a7f0001328
nixos/acme: Check for revoked certificates
Closes #129838

It is possible for the CA to revoke a cert that has not yet
expired. We must run lego to validate this before expiration,
but we must still ignore failures on unexpired certs to retain
compatibility with #85794

Also changed domainHash logic such that a renewal will only
be attempted at all if domains are unchanged, and do a full
run otherwises. Resolves #147540 but will be partially
reverted when go-acme/lego#1532 is resolved + available.
2021-12-26 16:44:09 +00:00
..
doc nixos/stubby: reduce to a settings-style configuration 2021-12-25 12:07:06 +01:00
lib nixos/lib/make-options-doc: fix with nix 2.3 2021-12-14 03:41:09 +01:00
maintainers create-amis.sh: possible deprecation 2021-11-11 09:04:29 -07:00
modules nixos/acme: Check for revoked certificates 2021-12-26 16:44:09 +00:00
tests nixos/acme: Check for revoked certificates 2021-12-26 16:44:09 +00:00
COPYING
default.nix
README
release-combined.nix
release-small.nix
release.nix lxdImage: split from docker profile, use generators.toYAML 2021-11-03 07:49:54 +01:00

*** NixOS ***

NixOS is a Linux distribution based on the purely functional package
management system Nix.  More information can be found at
https://nixos.org/nixos and in the manual in doc/manual.