diff options
author | tv <tv@krebsco.de> | 2021-12-22 23:33:05 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2021-12-22 23:33:05 +0100 |
commit | 448cd3b9af9e39980676f8ade7e5fb80dbb58b9f (patch) | |
tree | ad3b7ccfb7107b0053ad2a80cbc2dd97a018e7a6 /krebs/2configs/default.nix | |
parent | 2656cbf2a91f1f350e29e2ee2faa0bbe90f9b717 (diff) | |
parent | 576c05cf3a0ceddefa29c2d0073108177c3cfa52 (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'krebs/2configs/default.nix')
-rw-r--r-- | krebs/2configs/default.nix | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix index 8a84d4465..9200d41fe 100644 --- a/krebs/2configs/default.nix +++ b/krebs/2configs/default.nix @@ -4,18 +4,14 @@ with import <stockholm/lib>; { imports = [ ./backup.nix - (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in { - environment.variables = { - CURL_CA_BUNDLE = ca-bundle; - GIT_SSL_CAINFO = ca-bundle; - SSL_CERT_FILE = ca-bundle; - }; - }) ]; krebs.announce-activation.enable = true; krebs.enable = true; krebs.tinc.retiolum.enable = mkDefault true; + # trust krebs ACME CA + krebs.ssl.trustIntermediate = true; + krebs.build.user = mkDefault config.krebs.users.krebs; networking.hostName = config.krebs.build.host.name; |