From 5949d2ed5da2c43cedc009202fccce7c8c9bc362 Mon Sep 17 00:00:00 2001 From: Daiderd Jordan Date: Thu, 15 Dec 2016 14:27:47 +0100 Subject: [PATCH] fix cert bundle for services.nix-daemon --- modules/nix/default.nix | 6 +++--- modules/services/nix-daemon.nix | 5 +++-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/modules/nix/default.nix b/modules/nix/default.nix index 7a8378c..4268669 100644 --- a/modules/nix/default.nix +++ b/modules/nix/default.nix @@ -46,12 +46,12 @@ in nix = { - package = mkOption { + profile = mkOption { type = types.path; default = "/nix/var/nix/profiles/default"; defaultText = "pkgs.nix"; description = '' - This option specifies the profile or Nix package instance to use throughout the system. + This option specifies the profile that contains the Nix package instance to use throughout the system. ''; }; @@ -335,7 +335,7 @@ in } // optionalAttrs cfg.distributedBuilds { - NIX_BUILD_HOOK = "${cfg.package}/libexec/nix/build-remote.pl"; + NIX_BUILD_HOOK = "${cfg.profile}/libexec/nix/build-remote.pl"; NIX_REMOTE_SYSTEMS = "/etc/nix/machines"; NIX_CURRENT_LOAD = "/run/nix/current-load"; }; diff --git a/modules/services/nix-daemon.nix b/modules/services/nix-daemon.nix index a8e448b..e8574e8 100644 --- a/modules/services/nix-daemon.nix +++ b/modules/services/nix-daemon.nix @@ -38,7 +38,7 @@ in ''; launchd.daemons.nix-daemon = { - serviceConfig.Program = "${config.nix.package}/bin/nix-daemon"; + serviceConfig.Program = "${config.nix.profile}/bin/nix-daemon"; serviceConfig.KeepAlive = true; serviceConfig.ProcessType = "Background"; serviceConfig.LowPriorityIO = config.nix.daemonIONice; @@ -46,7 +46,8 @@ in serviceConfig.SoftResourceLimits.NumberOfFiles = 4096; serviceConfig.EnvironmentVariables = config.nix.envVars - // { CURL_CA_BUNDLE = "/etc/ssl/certs/ca-certificates.crt"; } + # // { CURL_CA_BUNDLE = "/etc/ssl/certs/ca-certificates.crt"; } + // { SSL_CERT_FILE = "${config.nix.profile}/etc/ssl/certs/ca-bundle.crt"; } // { TMPDIR = "${cfg.tempDir}"; }; }; };