dockerTools: add caCertificates helper
Various tools (e.g. wget) expect the ca bundle to be available at /etc/ssl/certs/ca-certificates.crt
This commit is contained in:
parent
3ae05d648e
commit
f238aa9833
1 changed files with 10 additions and 0 deletions
|
@ -773,6 +773,16 @@ rec {
|
||||||
ln -s ${bashInteractive}/bin/bash $out/bin/sh
|
ln -s ${bashInteractive}/bin/bash $out/bin/sh
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
# This provides the ca bundle in common locations
|
||||||
|
caCertificates = runCommand "ca-certificates" { } ''
|
||||||
|
# Old NixOS compatibility.
|
||||||
|
ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs/ca-bundle.crt
|
||||||
|
# NixOS canonical location + Debian/Ubuntu/Arch/Gentoo compatibility.
|
||||||
|
ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs/ca-certificates.crt
|
||||||
|
# CentOS/Fedora compatibility.
|
||||||
|
ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/etc/pki/tls/certs/ca-bundle.crt
|
||||||
|
'';
|
||||||
|
|
||||||
# Build an image and populate its nix database with the provided
|
# Build an image and populate its nix database with the provided
|
||||||
# contents. The main purpose is to be able to use nix commands in
|
# contents. The main purpose is to be able to use nix commands in
|
||||||
# the container.
|
# the container.
|
||||||
|
|
Loading…
Reference in a new issue