21 lines
385 B
Nix
21 lines
385 B
Nix
{
|
|
pkgs,
|
|
config,
|
|
...
|
|
}: let
|
|
inherit (config.services.secrets) secrets;
|
|
in {
|
|
environment.systemPackages = with pkgs; [
|
|
step-cli
|
|
step-ca
|
|
];
|
|
|
|
services.step-ca = {
|
|
enable = true;
|
|
address = "0.0.0.0";
|
|
port = 8443;
|
|
intermediatePasswordFile = secrets.internal_ca_password.path;
|
|
settings = builtins.fromJSON (builtins.readFile ../data/ca.json);
|
|
};
|
|
}
|