From 964c85b2b2b726e1047c96984c96bf5dd9c2ee4a Mon Sep 17 00:00:00 2001 From: Adithya Nair Date: Sun, 14 Jul 2024 18:19:20 +0530 Subject: [PATCH] skipper: trust custom CA --- hosts/shared/certs/local.adtya.xyz.CA.pem | 24 +++++++++++++++++++++++ hosts/skipper/security.nix | 1 + 2 files changed, 25 insertions(+) create mode 100644 hosts/shared/certs/local.adtya.xyz.CA.pem diff --git a/hosts/shared/certs/local.adtya.xyz.CA.pem b/hosts/shared/certs/local.adtya.xyz.CA.pem new file mode 100644 index 0000000..2416c7b --- /dev/null +++ b/hosts/shared/certs/local.adtya.xyz.CA.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIID9zCCAt+gAwIBAgIUKehz8dBJL1Bw1zBPWQlPVonGHmIwDQYJKoZIhvcNAQEL +BQAwgYoxCzAJBgNVBAYTAklOMRAwDgYDVQQIDAdOb3doZXJlMRIwEAYDVQQHDAlN +aWRkbGUgb2YxGzAZBgNVBAoMEiBBRFRZQS5YWVogSG9tZWxhYjEYMBYGA1UEAwwP +bG9jYWwuYWR0eWEueHl6MR4wHAYJKoZIhvcNAQkBFg9hZG1pbkBhZHR5YS54eXow +HhcNMjQwNzA2MTY0NzIzWhcNMjkwNzA1MTY0NzIzWjCBijELMAkGA1UEBhMCSU4x +EDAOBgNVBAgMB05vd2hlcmUxEjAQBgNVBAcMCU1pZGRsZSBvZjEbMBkGA1UECgwS +IEFEVFlBLlhZWiBIb21lbGFiMRgwFgYDVQQDDA9sb2NhbC5hZHR5YS54eXoxHjAc +BgkqhkiG9w0BCQEWD2FkbWluQGFkdHlhLnh5ejCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBANLgKvPvfCTe4uRvMGKfrg+RzPpkgvyM/1HY47QMRZjNw7DL +dh8xtE6Boms4/oRFglFvlo3zOCbpCrvWK8HBzt+jqmpuP+4lpjgo8hHP+0ALwtUv +jTW9yorg7CHjloiehgY0HFzs6ZMmqB4DVuZv5jIifLQx9i6S+bTqxfp4n5GqNlZe +gfKph0/M2kK0fXMcdS/o4hmRxk4Nh3gg2AJxhdHfVdUVp1gBBW3K5GIYZcS5+LbH +YB61i7+Zk2ytPHxhgBR3jASVy4ecCVgvAG4ab30bVq0f+N/7jeN5OBKiHZ+8lo09 +tW7TT8Maw1YTgDpVvlxGTQd6soq1uO2dzce6vakCAwEAAaNTMFEwHQYDVR0OBBYE +FPN92mUdRebQsb8/iPLYlGCasX0wMB8GA1UdIwQYMBaAFPN92mUdRebQsb8/iPLY +lGCasX0wMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAB9vKYGg +YIwny0DhBkEnnGgxAe+uvK/ozS5hBBYQ1utLVeFLQ/jqZ0GtqPup762j+4ME9beh +IcwhuxQXG2GxBdjzgW8McuEEYR+uCphuKKvjq/VPmHcIqPske5LYtv3uk1t6/oOq +4jYyZqbY64i7yBAw8AFKUF/JQjxHuuXS4osKMHCWCoTKerWHZtOTVjH9o62wNwky +IytV5Mg6xGhdJKur2HmcojIsx1UyRqZJcKkJtayof89ZkoEz8rcbSyJQCWDVuFUn +MdXfjsO/yWxc3iFQEKTJtY5bMo+SOh18UDvwAgj9p9qsMOsfjQm82JKF8/FVvqV6 +7HZvbtj1pFwntI8= +-----END CERTIFICATE----- diff --git a/hosts/skipper/security.nix b/hosts/skipper/security.nix index 068726f..83aff72 100644 --- a/hosts/skipper/security.nix +++ b/hosts/skipper/security.nix @@ -12,6 +12,7 @@ cue = true; }; }; + pki.certificateFiles = [ ../shared/certs/local.adtya.xyz.CA.pem ]; polkit.enable = true; rtkit.enable = true; sudo = {