adtya/configuration.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

all: update CA

Browse source
This commit is contained in:
Adithya 2024-07-16 22:29:44 +05:30
parent 94f7277dff
commit 94436da437
Signed by: adtya
GPG key ID: B8857BFBA2C47B9C
9 changed files with 42 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
hosts/layne/security.nix
View file

@ -1,4 +1,5 @@
_: { _: {
imports = [ ../shared/certs ];
security = { security = {
sudo = { sudo = {
wheelNeedsPassword = false; wheelNeedsPassword = false;

1
hosts/rico0/security.nix
View file

@ -1,4 +1,5 @@
_: { _: {
imports = [ ../shared/certs ];
security = { security = {
sudo = { sudo = {
wheelNeedsPassword = false; wheelNeedsPassword = false;

1
hosts/rico1/security.nix
View file

@ -1,4 +1,5 @@
_: { _: {
imports = [ ../shared/certs ];
security = { security = {
sudo = { sudo = {
wheelNeedsPassword = false; wheelNeedsPassword = false;

1
hosts/rico2/security.nix
View file

@ -1,4 +1,5 @@
_: { _: {
imports = [ ../shared/certs ];
security = { security = {
sudo = { sudo = {
wheelNeedsPassword = false; wheelNeedsPassword = false;

3
hosts/shared/certs/default.nix Normal file
View file

@ -0,0 +1,3 @@
_: {
security.pki.certificateFiles = [ ./labs.adtya.xyz.rootCA.pem ];
}

33
hosts/shared/certs/labs.adtya.xyz.rootCA.pem Normal file
View file

@ -0,0 +1,33 @@
-----BEGIN CERTIFICATE-----
MIIFnzCCA4egAwIBAgIUQ0Gn1kz+ilGQC10QVXBFAuMu7MswDQYJKoZIhvcNAQEL
BQAwXzELMAkGA1UEBhMCSU4xFzAVBgNVBAoMDkFEVFlBLlhZWiBMYWJzMRcwFQYD
VQQDDA5sYWJzLmFkdHlhLnh5ejEeMBwGCSqGSIb3DQEJARYPYWRtaW5AYWR0eWEu
eHl6MB4XDTI0MDcxNjE2NTQ1NloXDTI1MDcxNjE2NTQ1NlowXzELMAkGA1UEBhMC
SU4xFzAVBgNVBAoMDkFEVFlBLlhZWiBMYWJzMRcwFQYDVQQDDA5sYWJzLmFkdHlh
Lnh5ejEeMBwGCSqGSIb3DQEJARYPYWRtaW5AYWR0eWEueHl6MIICIjANBgkqhkiG
9w0BAQEFAAOCAg8AMIICCgKCAgEApYEpiJTx9UY0xJuktxZtswi731XTKwLKL4n7
9qitYCZVE0DFkhj19dophOAfrl+ISbANVC2XFQlxMFERCe3r6C8+sOHc8HUu3Bjf
89WYilf2AF30GlgkdEjNzPqHSjhWKqbPoXnLQqGbyl+AKVuy87eLT4YKWrz9mqV9
vwhHAJ2X1VNpGCXuPWKjbMiply+08a+S5SGkINSLdLhMi2FxN9xodvJZwn45CqP7
2WnjCFmCRJaDtvwdl1xqGjhcw4KiJfNYWGv6t7LbR1keJBlmBqs6yw+v82TzawYJ
P08mROF52h8Lz5hClvwUa/wjHJ3EQlJNKFZ+2U9aGw1cJtTwwL2PeEwumctmg59V
as5MT1wKt0+CwK1/+MtbHnjfc8EFEBmnwb2V82AMfSXQjhORVSS15ozhhjB0QbCJ
VOVKQctsoZxVov3xrpXmbesdDTohgr4/r0bCBXgnRJHrv21Nh1Uf58p2ZRs67rep
JTM1JdDzGIA8c3CO4c5W7fcpG3d6HaPHsWcoyP8Yb64aYAMYXKuufcfoWD4JsBFb
a82K5EJdGBUOyxk2HlZcqvW9RA1uH7ineWMo53EBr66ECZ6rw8uoWgOyzyBJpZPJ
AtH9t4nCEVPKpxofP1IkPo9BUi4mltxGUHd/l9ZYifFSJv+dxa+BgBMieSSN1I5D
/m5qwa8CAwEAAaNTMFEwHQYDVR0OBBYEFN3a/BeFBNGMdDPewT+57LhLlvvzMB8G
A1UdIwQYMBaAFN3a/BeFBNGMdDPewT+57LhLlvvzMA8GA1UdEwEB/wQFMAMBAf8w
DQYJKoZIhvcNAQELBQADggIBAA0azmyRPr11wIFE6XzDL5VaMtkaOLRFGQx4OU0u
FJ4h3wP8ix25XMXDUPMv5BSR/fpc35GSmeKssBt31UswGMY6O5HIkzHMjTYVMylH
PTtTw8aJOLGAsF36n5zBMncYlVvxnEiZiCMimESk/rBMWobRz5xw/NT/32vuMzXC
wpYUC0/kXu9xCegInxjMmxg+LzOT8pMK7huD/kELXDgbKH/tpa4CfIZfe3xzn8gn
w+IKrpwq4PilxTqwFm/MQU2krg5VvpRZtzQmJkHqEIMeo8WhzVqVTjQlFfRZt0uN
NPv5g/BRU9aytbvI5/tg69proyzuAPNg7BO49ML3HamjJ2cl8YMVN3Ut9OQk0Kfs
oU5Eoa8KjksyQBIb06WYSLkQes01K7RpoJdcWUtSFRKi54dtyd4EEOp0gKMn0NxV
6edajGGL9TTYHd+/N1XhIhzjY1TeEfysvDip9HTfibH5oKk9jtdYpYn47Z9znj+b
oHoQTc7aoEvbXalqZgv4Ysj/go71+AG5eGMrS4xh9FC6ays84KECzkFrxu23dXJG
smYVSshNpdp2pGnnH8iOEVrpLnpnBF9odhnkkcYeMMI45zKVvQvgHbeV7iBWEnFH
JGWdJGyqwCpLUFmemKwsrvZP48/NPO/CwguEUc72REpUjqIWZIXsy4aYaxxsFPMt
BtqG
-----END CERTIFICATE-----

24
hosts/shared/certs/local.adtya.xyz.CA.pem
View file

@ -1,24 +0,0 @@
-----BEGIN CERTIFICATE-----
MIID9zCCAt+gAwIBAgIUKehz8dBJL1Bw1zBPWQlPVonGHmIwDQYJKoZIhvcNAQEL
BQAwgYoxCzAJBgNVBAYTAklOMRAwDgYDVQQIDAdOb3doZXJlMRIwEAYDVQQHDAlN
aWRkbGUgb2YxGzAZBgNVBAoMEiBBRFRZQS5YWVogSG9tZWxhYjEYMBYGA1UEAwwP
bG9jYWwuYWR0eWEueHl6MR4wHAYJKoZIhvcNAQkBFg9hZG1pbkBhZHR5YS54eXow
HhcNMjQwNzA2MTY0NzIzWhcNMjkwNzA1MTY0NzIzWjCBijELMAkGA1UEBhMCSU4x
EDAOBgNVBAgMB05vd2hlcmUxEjAQBgNVBAcMCU1pZGRsZSBvZjEbMBkGA1UECgwS
IEFEVFlBLlhZWiBIb21lbGFiMRgwFgYDVQQDDA9sb2NhbC5hZHR5YS54eXoxHjAc
BgkqhkiG9w0BCQEWD2FkbWluQGFkdHlhLnh5ejCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANLgKvPvfCTe4uRvMGKfrg+RzPpkgvyM/1HY47QMRZjNw7DL
dh8xtE6Boms4/oRFglFvlo3zOCbpCrvWK8HBzt+jqmpuP+4lpjgo8hHP+0ALwtUv
jTW9yorg7CHjloiehgY0HFzs6ZMmqB4DVuZv5jIifLQx9i6S+bTqxfp4n5GqNlZe
gfKph0/M2kK0fXMcdS/o4hmRxk4Nh3gg2AJxhdHfVdUVp1gBBW3K5GIYZcS5+LbH
YB61i7+Zk2ytPHxhgBR3jASVy4ecCVgvAG4ab30bVq0f+N/7jeN5OBKiHZ+8lo09
tW7TT8Maw1YTgDpVvlxGTQd6soq1uO2dzce6vakCAwEAAaNTMFEwHQYDVR0OBBYE
FPN92mUdRebQsb8/iPLYlGCasX0wMB8GA1UdIwQYMBaAFPN92mUdRebQsb8/iPLY
lGCasX0wMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAB9vKYGg
YIwny0DhBkEnnGgxAe+uvK/ozS5hBBYQ1utLVeFLQ/jqZ0GtqPup762j+4ME9beh
IcwhuxQXG2GxBdjzgW8McuEEYR+uCphuKKvjq/VPmHcIqPske5LYtv3uk1t6/oOq
4jYyZqbY64i7yBAw8AFKUF/JQjxHuuXS4osKMHCWCoTKerWHZtOTVjH9o62wNwky
IytV5Mg6xGhdJKur2HmcojIsx1UyRqZJcKkJtayof89ZkoEz8rcbSyJQCWDVuFUn
MdXfjsO/yWxc3iFQEKTJtY5bMo+SOh18UDvwAgj9p9qsMOsfjQm82JKF8/FVvqV6
7HZvbtj1pFwntI8=
-----END CERTIFICATE-----

2
hosts/skipper/security.nix
View file

@ -1,4 +1,5 @@
{ pkgs, ... }: { { pkgs, ... }: {
imports = [ ../shared/certs ];
security = { security = {
pam = { pam = {
services = { services = {
@ -14,7 +15,6 @@
}; };
}; };
}; };
pki.certificateFiles = [ ../shared/certs/local.adtya.xyz.CA.pem ];
polkit.enable = true; polkit.enable = true;
rtkit.enable = true; rtkit.enable = true;
sudo = { sudo = {

1
hosts/wynne/security.nix
View file

@ -1,4 +1,5 @@
_: { _: {
imports = [ ../shared/certs ];
security = { security = {
sudo = { sudo = {
wheelNeedsPassword = false; wheelNeedsPassword = false;