aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLuke Clifton <Luke.Clifton@cba.com.au>2018-09-20 07:33:35 +0800
committerLuke Clifton <Luke.Clifton@cba.com.au>2018-09-20 07:33:35 +0800
commitfb72104b80eb5747788ac32bcef9fc1db00d9825 (patch)
treed228bf379059c8105c838df12bcb72a5c768e43c
parent1241a589756414222bbac731686dc3e2cc2538b3 (diff)
Search NIX_PROFILE for SSL CA
-rw-r--r--scripts/nix-profile-daemon.sh.in11
1 files changed, 7 insertions, 4 deletions
diff --git a/scripts/nix-profile-daemon.sh.in b/scripts/nix-profile-daemon.sh.in
index 432100d16..567a543d9 100644
--- a/scripts/nix-profile-daemon.sh.in
+++ b/scripts/nix-profile-daemon.sh.in
@@ -61,10 +61,13 @@ elif [ -e /etc/ssl/certs/ca-bundle.crt ]; then # Old NixOS
export NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt
elif [ -e /etc/pki/tls/certs/ca-bundle.crt ]; then # Fedora, CentOS
export NIX_SSL_CERT_FILE=/etc/pki/tls/certs/ca-bundle.crt
-elif [ -e "$NIX_USER_PROFILE_DIR/profile/etc/ssl/certs/ca-bundle.crt" ]; then # fall back to cacert in the user's Nix profile
- export NIX_SSL_CERT_FILE=$NIX_USER_PROFILE_DIR/profile/etc/ssl/certs/ca-bundle.crt
-elif [ -e "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt" ]; then # fall back to cacert in the default Nix profile
- export NIX_SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt
+else
+ # Fall back to what is in the nix profiles, favouring whatever is defined last.
+ for i in $NIX_PROFILES; do
+ if [ -e $i/etc/ssl/certs/ca-bundle.crt ]; then
+ export NIX_SSL_CERT_FILE=$i/etc/ssl/certs/ca-bundle.crt
+ fi
+ done
fi
export NIX_PATH="nixpkgs=@localstatedir@/nix/profiles/per-user/root/channels/nixpkgs:@localstatedir@/nix/profiles/per-user/root/channels"