nixos/taskserver: Set server.crl for automatic CA

Currently, we don't handle this yet, but let's set it so that we cover
all the options.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This commit is contained in:
aszlig 2016-04-11 13:38:33 +02:00
parent 05a7cd17fc
commit b19fdc9ec9
No known key found for this signature in database
GPG Key ID: D0EBD0EC8C2DC961

View File

@ -80,18 +80,19 @@ let
# server
server = ${cfg.listenHost}:${toString cfg.listenPort}
${mkConfLine "server.crl" cfg.pki.server.crl}
# certificates
${mkConfLine "trust" cfg.trust}
# PKI options
${if needToCreateCA then ''
ca.cert = ${cfg.dataDir}/keys/ca.cert
server.cert = ${cfg.dataDir}/keys/server.cert
server.key = ${cfg.dataDir}/keys/server.key
server.crl = ${cfg.dataDir}/keys/server.crl
'' else ''
ca.cert = ${cfg.pki.ca.cert}
server.cert = ${cfg.pki.server.cert}
server.key = ${cfg.pki.server.key}
server.crl = ${cfg.pki.server.crl}
''}
'';