bug#30619: Cuirass requires TLS certificates

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#30619: Cuirass requires TLS certificates

From:	Ludovic Courtès
Subject:	bug#30619: Cuirass requires TLS certificates
Date:	Tue, 27 Feb 2018 17:00:40 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)

Andreas Enge <address@hidden> skribis:

> the cuirass service requires TLS certificates to do continuous integration
> of guix (or more generally, git repositories served over https). This works
> when nss-certs is installed as a global package in the system.
>
> Should the service depend on the nss-certs package? Or maybe take as an
> optional configuration parameter a certificate package?

I thought that, instead of assuming /etc/ssl/certs exists, the Cuirass
service could use (file-append nss-certs "/etc/ssl/certs/ca-certificates.crt").
That would make it self-contained.

That’s currently not possible though because this certificate bundle is
built as a profile hook.  We would first need to export the procedure
that creates bundles, possibly by moving it to a new (guix
x509-certificates) module.

Thoughts?

Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#30619: Cuirass requires TLS certificates, Andreas Enge, 2018/02/26
- bug#30619: Cuirass requires TLS certificates, Ludovic Courtès <=

Prev by Date: bug#30618: Cuirass dies with locked database
Next by Date: bug#30613: 'avahi-resolve <host>.local' works but 'ssh <host>.local' fails w/ "Name or service not known"
Previous by thread: bug#30619: Cuirass requires TLS certificates
Next by thread: bug#30622: "Service ssh-daemon could not be started." in desktop VM image
Index(es):
- Date
- Thread