From 5909f596918ea84220bf78252227eb74d298b3b1 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Sun, 17 Nov 2024 00:02:14 +1000 Subject: [PATCH] treewide: use NIX_SSL_CERT_FILE instead of pkgs.cacert --- modules/examples/hydra.nix | 2 +- modules/examples/lnl.nix | 2 +- modules/services/cachix-agent.nix | 2 +- modules/services/gitlab-runner.nix | 2 +- modules/services/hercules-ci-agent/default.nix | 2 +- modules/services/ofborg/default.nix | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/examples/hydra.nix b/modules/examples/hydra.nix index eb1c5d9b0..81bcb7f4b 100644 --- a/modules/examples/hydra.nix +++ b/modules/examples/hydra.nix @@ -3,7 +3,7 @@ let environment = lib.concatStringsSep " " [ "NIX_REMOTE=daemon" - "NIX_SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" + "NIX_SSL_CERT_FILE=${config.environment.variables.NIX_SSL_CERT_FILE}" ]; in diff --git a/modules/examples/lnl.nix b/modules/examples/lnl.nix index dccae077a..7138f9237 100644 --- a/modules/examples/lnl.nix +++ b/modules/examples/lnl.nix @@ -63,7 +63,7 @@ # launchd.user.agents.fetch-nixpkgs-updates = { # command = "/usr/bin/sandbox-exec -f ${config.security.sandbox.profiles.fetch-nixpkgs-updates.profile} ${pkgs.git}/bin/git -C ${toString ~/Code/nixos/nixpkgs} fetch origin master"; # environment.HOME = ""; - # environment.NIX_SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + # environment = { inherit (config.environment.variables) NIX_SSL_CERT_FILE; }; # serviceConfig.KeepAlive = false; # serviceConfig.ProcessType = "Background"; # serviceConfig.StartInterval = 360; diff --git a/modules/services/cachix-agent.nix b/modules/services/cachix-agent.nix index d9e4a909c..d1224a5bc 100644 --- a/modules/services/cachix-agent.nix +++ b/modules/services/cachix-agent.nix @@ -61,7 +61,7 @@ in { path = [ config.nix.package pkgs.coreutils config.environment.systemPath ]; environment = { - NIX_SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + inherit (config.environment.variables) NIX_SSL_CERT_FILE; USER = "root"; }; diff --git a/modules/services/gitlab-runner.nix b/modules/services/gitlab-runner.nix index 94c291efd..c1c0fd3b1 100644 --- a/modules/services/gitlab-runner.nix +++ b/modules/services/gitlab-runner.nix @@ -551,7 +551,7 @@ in launchd.daemons.gitlab-runner = { environment = { #config.networking.proxy.envVars // { HOME = "${config.users.users.gitlab-runner.home}"; - NIX_SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + inherit (config.environment.variables) NIX_SSL_CERT_FILE; } // (if config.nix.useDaemon then { NIX_REMOTE = "daemon"; } else {}); path = with pkgs; [ bash diff --git a/modules/services/hercules-ci-agent/default.nix b/modules/services/hercules-ci-agent/default.nix index fc3d95200..48eebed73 100644 --- a/modules/services/hercules-ci-agent/default.nix +++ b/modules/services/hercules-ci-agent/default.nix @@ -27,7 +27,7 @@ in path = [ config.nix.package config.environment.systemPath ]; environment = { - NIX_SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + inherit (config.environment.variables) NIX_SSL_CERT_FILE; }; serviceConfig.KeepAlive = true; diff --git a/modules/services/ofborg/default.nix b/modules/services/ofborg/default.nix index 8959cc846..ebf3cc980 100644 --- a/modules/services/ofborg/default.nix +++ b/modules/services/ofborg/default.nix @@ -63,7 +63,7 @@ in path = [ config.nix.package pkgs.bash pkgs.coreutils pkgs.curl pkgs.git ]; environment = { RUST_BACKTRACE = "1"; - NIX_SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + inherit (config.environment.variables) NIX_SSL_CERT_FILE; }; serviceConfig.KeepAlive = true;