dockerTools: add caCertificates helper

Various tools (e.g. wget) expect the ca bundle to be available at
/etc/ssl/certs/ca-certificates.crt
This commit is contained in:
sohalt 2022-04-28 17:56:03 +02:00
parent 3ae05d648e
commit f238aa9833

View file

@ -773,6 +773,16 @@ rec {
ln -s ${bashInteractive}/bin/bash $out/bin/sh ln -s ${bashInteractive}/bin/bash $out/bin/sh
''; '';
# This provides the ca bundle in common locations
caCertificates = runCommand "ca-certificates" { } ''
# Old NixOS compatibility.
ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs/ca-bundle.crt
# NixOS canonical location + Debian/Ubuntu/Arch/Gentoo compatibility.
ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs/ca-certificates.crt
# CentOS/Fedora compatibility.
ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/etc/pki/tls/certs/ca-bundle.crt
'';
# Build an image and populate its nix database with the provided # Build an image and populate its nix database with the provided
# contents. The main purpose is to be able to use nix commands in # contents. The main purpose is to be able to use nix commands in
# the container. # the container.