[Nix-dev] Including SSL certificates with NixOS configuration
Wilhelm Schuster
ws at wilhelm.re
Mon Sep 12 23:54:17 CEST 2016
Hi,
I’m quite new to Nix/NixOS; coming from Archlinux I like being able to configure my system in a declarative manner. I tried setting up a small web server using nginx and I hit an interesting challenge:
How would be the a good way to include SSL certificates with the NixOS configuration. I’d like to have all my system configuration inside a couple of nix expressions to easily be able to move between different systems. I figured I’d have a separate .nix file which includes all certificates, dhparams, etc. as strings (PEM) which I import into my main configuration.nix. I found builtins.toFile for writing a certificate file from a string, but there doesn’t seem a way to set permissions, which would be important for private certificates (chmod 400).
How would you solve this? Is this even the right approach?
Thanks and cheers, Wilhelm Schuster.
More information about the nix-dev
mailing list