diff options
author | Leo Famulari <leo@famulari.name> | 2017-02-28 20:21:10 -0500 |
---|---|---|
committer | Leo Famulari <leo@famulari.name> | 2017-03-12 03:23:16 -0400 |
commit | 0a6bd107e506b535a79ff4f3bd214953d592f7e6 (patch) | |
tree | c18ac8755aabdbc4ca0d0a9c6f86e4e3d46a9e6f | |
parent | eba560765a5afccbc5d3b64df410d89b1f79a18e (diff) | |
download | guix-0a6bd107e506b535a79ff4f3bd214953d592f7e6.tar.gz |
gnu: Add le-certs.
* gnu/packages/certs.scm (le-certs): New variable.
-rw-r--r-- | gnu/packages/certs.scm | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm index 246e5ca14a..e35e9aabab 100644 --- a/gnu/packages/certs.scm +++ b/gnu/packages/certs.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2015 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2017 Leo Famulari <leo@famulari.name> ;;; ;;; This file is part of GNU Guix. ;;; @@ -139,3 +140,60 @@ taken from the NSS package and thus ultimately from the Mozilla project.") (home-page "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS") (license license:mpl2.0))) + +(define-public le-certs + (package + (name "le-certs") + (version "0") + (source #f) + (build-system trivial-build-system) + (arguments + '(#:modules ((guix build utils)) + #:builder + (begin + (use-modules (guix build utils)) + (let ((root (assoc-ref %build-inputs "isrgrootx1.pem")) + (intermediate (assoc-ref %build-inputs "letsencryptauthorityx3.pem")) + (backup (assoc-ref %build-inputs "letsencryptauthorityx4.pem")) + (out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs"))) + (mkdir-p out) + (for-each + (lambda (cert) + (copy-file cert (string-append out "/" + (strip-store-file-name cert)))) + (list root intermediate backup)))))) + (inputs + `(; The Let's Encrypt root certificate, "ISRG Root X1". + ("isrgrootx1.pem" + ,(origin + (method url-fetch) + (uri "https://letsencrypt.org/certs/isrgrootx1.pem") + (sha256 + (base32 + "0zhd1ps7sz4w1x52xk3v7ng6d0rcyi7y7rcrplwkmilnq5hzjv1y")))) + ;; "Let’s Encrypt Authority X3", the active Let's Encrypt intermediate + ;; certificate. + ("letsencryptauthorityx3.pem" + ,(origin + (method url-fetch) + (uri "https://letsencrypt.org/certs/letsencryptauthorityx3.pem") + (sha256 + (base32 + "0zbamj6c7zqw1j9mbqygc8k1ykgj6xiisp9svmlif5lkbnyjhnkk")))) + ;; "Let’s Encrypt Authority X4", the backup Let's Encrypt intermediate + ;; certificate. This will be used for disaster recovery and will only be + ;; used should Let's Encrypt lose the ability to issue with "Let’s + ;; Encrypt Authority X3". + ("letsencryptauthorityx4.pem" + ,(origin + (method url-fetch) + (uri "https://letsencrypt.org/certs/letsencryptauthorityx4.pem") + (sha256 + (base32 + "003dc94c8qwj634h0dq743x7hqv9rdcfaisdksprkmi2jd107xq4")))))) + (home-page "https://letsencrypt.org/certificates/") + (synopsis "Let's Encrypt root and intermediate certificates") + (description "This package provides a certificate store containing only the +Let's Encrypt root and intermediate certificates. It is intended to be used +within Guix.") + (license license:public-domain))) |