From d5fd265fb773b8c79f190360af2cae3eda95c873 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sat, 16 Sep 2023 16:00:31 +0100 Subject: [PATCH] porcorosso: add quadv-ca --- ops/nixos/lib/quadv-ca/default.nix | 8 +++++ .../lib/quadv-ca/inter-internal-ecdsa.pem | 16 +++++++++ ops/nixos/lib/quadv-ca/inter-internal-rsa.pem | 34 +++++++++++++++++++ ops/nixos/porcorosso/default.nix | 1 + 4 files changed, 59 insertions(+) create mode 100644 ops/nixos/lib/quadv-ca/default.nix create mode 100644 ops/nixos/lib/quadv-ca/inter-internal-ecdsa.pem create mode 100644 ops/nixos/lib/quadv-ca/inter-internal-rsa.pem diff --git a/ops/nixos/lib/quadv-ca/default.nix b/ops/nixos/lib/quadv-ca/default.nix new file mode 100644 index 0000000000..03ae8a34c2 --- /dev/null +++ b/ops/nixos/lib/quadv-ca/default.nix @@ -0,0 +1,8 @@ +{ lib, ... }: + +{ + security.pki.certificateFiles = lib.mkAfter [ + ./inter-internal-ecdsa.pem + ./inter-internal-rsa.pem + ]; +} diff --git a/ops/nixos/lib/quadv-ca/inter-internal-ecdsa.pem b/ops/nixos/lib/quadv-ca/inter-internal-ecdsa.pem new file mode 100644 index 0000000000..d3690ab11a --- /dev/null +++ b/ops/nixos/lib/quadv-ca/inter-internal-ecdsa.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICmDCCAh6gAwIBAgIUQ5HT70G8oQzrLGh1nz4ph9rhmzIwCgYIKoZIzj0EAwMw +PzELMAkGA1UEBhMCR0IxDjAMBgNVBAoTBVF1YWRWMSAwHgYDVQQDExdRdWFkViBJ +bnRlcm5hbCBDQSBFQ0RTQTAeFw0yMzA5MDMxMDA3MDBaFw0yNTA5MDIxMDA3MDBa +MEYxCzAJBgNVBAYTAkdCMQ4wDAYDVQQKEwVRdWFkVjEnMCUGA1UEAxMeUXVhZFYg +VExTIEludGVybmFsIFN1YkNBIEVDRFNBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE +N1PBlyyQwGtDlg+fAJEsY+U/kmyO6pZNOk9WrVEskq6L2P+Bs5zAPH6/LLIlQ4iV +0O6p5y2hO4ghs0iD0tzQ9AG8p/WE1N+Wbh9WYnh9V/7/EnD+f22+A5t8WMKje3v7 +o4HTMIHQMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB +BQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUOFcXoWTZxavVFevp +jkfsBrlHS6owHwYDVR0jBBgwFoAUmLiFn3kQy0KkkX5/YRxIbUrsv+8wSwYDVR0e +AQH/BEEwP6A9MAuCCXF1YWR2Lm5ldDAKhwgKAAAA/wAAADAKhwisEAAA///wADAK +hwjAqAAA//8AADAKhwip/gAA//8AADAKBggqhkjOPQQDAwNoADBlAjEAuCYUzqzX +nMwKi9y70SBXTVbI40QL5+oemr0Ay0Si0cCa+OZy3zLHQJlrAnhB+ZCEAjAj8gth +dRVPlyTrnUbEUi3mqFPdrQiUGC23NN7hbLyciqCCxFtrv/T+Jmui38SfnBg= +-----END CERTIFICATE----- diff --git a/ops/nixos/lib/quadv-ca/inter-internal-rsa.pem b/ops/nixos/lib/quadv-ca/inter-internal-rsa.pem new file mode 100644 index 0000000000..fa6e08629a --- /dev/null +++ b/ops/nixos/lib/quadv-ca/inter-internal-rsa.pem @@ -0,0 +1,34 @@ +-----BEGIN CERTIFICATE----- +MIIF4zCCA8ugAwIBAgIUdwKo7cpFivdWYG3c+TTgDel8mhgwDQYJKoZIhvcNAQEN +BQAwPTELMAkGA1UEBhMCR0IxDjAMBgNVBAoTBVF1YWRWMR4wHAYDVQQDExVRdWFk +ViBJbnRlcm5hbCBDQSBSU0EwHhcNMjMwOTAzMTAwNzAwWhcNMjUwOTAyMTAwNzAw +WjBEMQswCQYDVQQGEwJHQjEOMAwGA1UEChMFUXVhZFYxJTAjBgNVBAMTHFF1YWRW +IFRMUyBJbnRlcm5hbCBTdWJDQSBSU0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQCyJC4s7hQpZtBaiqD6m9Nvnhx0CX5CO2h0yeQIY/gGMRLReI4rtjb0 +GcaZN79DtxH9UP9YVYn/Hq/GcpFkxTnwgy/Fg7NPtu4GROCJW7mBjgYqnY5ipdQU +3zMdxXtoFSVdELIq7/bc4rEKdbgrzjz0YFzYogKXHrzgcZYaOz6T41AXPGPEzrni +fveStwb46B/5unViod8s5sxDYBthtaFcRyNLwr+40fO878TvPPEFXsPDyfoMnfse +n7h77cJBVQwD2Q+O7lMTmmGoTw9BOeg8N3FToNPGyAhYwHBDoxVujIYFJaInb6gF +k0FpE434MGtVz+9f0DvaSUv0SeLFd6t7iZrJo0gk+LJBdp3+gTCDAmZ4zD0rF9rI +v7J/NZ1dV0lbLQE2Nq9axO0qTAnLFHyoXsZtvQjD3PCiCgH805JIQSsQdheRDw3a +CxvPrmePyThotHmY6upYaOhFk+eLa9IN7WhiUkbqco2NPxTgP2PIfyzhLlG1ubR3 +rlfyWsIk0HrQhvpLSjnyIB+D/j0cC8MgwCsROTB7QKOUT6d0mo7DHr3PtKPP0tu2 +0tKnoANogi5gZKGwQogjPzGIlotUHMi1839gXoXFwuLP0m7c+oYvoRXQhSJrxPma +VOEkHii+6NjZ3C0ZXEdb/A9Myvt0thWHpL7S1XvmtyZEFDa0IoUhiwIDAQABo4HT +MIHQMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH +AwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQURihbznk36U5ADP0fbE4w +TGAflWkwHwYDVR0jBBgwFoAUOrUCfmQj9TO7ko22/cNRjNPMMYswSwYDVR0eAQH/ +BEEwP6A9MAuCCXF1YWR2Lm5ldDAKhwgKAAAA/wAAADAKhwisEAAA///wADAKhwjA +qAAA//8AADAKhwip/gAA//8AADANBgkqhkiG9w0BAQ0FAAOCAgEAxXlERE4vuEbs +R6nIOZ2dIhKUbN0Rwmd0GmWFwhrjX+P+3lBSnxZ06GwG6TiTQCDJKqeeHrXCeNuM +IWRmMPn/3vJhU2BPXQZOXgqL8AfTfl8HfR81X5I+KDjs1VjJIX1Xd5lKG7ol0rO4 +xBgdBe3r4cOo5NPrgAVHDv5gE6Vj5YJ2LiSC1y7BJ1K2Pt0CwMrB/fQt6+2G2/l0 +zgpbkGptSb9Xfvp1hr5AE4JJyMWc9UttmjfTkcUZU5BRVae9EQzaj62Z4Dv3+JGL +8XTmNrIWKjw8dAmqUA4EMuNeRUoTCf/HDeLkcor9wyYwrSY0QY2+bW80QUfsZXAk +PPkRORJhkM/39OhaSyn8Zd9HNSMwIquymGwZHiqBja4aaek3OTWiB6LYcf0aKWKl +3yds7sP8+SPHYFT5Z+y/YQOlkjeLGWyLjk8PuWz2I1r1IHly2j0c5JSaSU1p5j3J +iZ+H3y6kWErzZqqnnrRCti/+K5Kjo0q1DWVXRGwvDitCq425t/hlcMKFgQx9xMpX +E7EXwJ58Zm90zx97xgDUg+/9148emljF73g42i5Yc8qiN/YSIfJ0cLAWbWxaXxbf +sBjb8/FEV9DGx4kYne9He2NlVmrbV1ggQ0YJeoyOlzldL82Q7UywHqFSxAlj8cwB +WE144oJ9KiITegM5EFAsYqsszTV+7m0= +-----END CERTIFICATE----- diff --git a/ops/nixos/porcorosso/default.nix b/ops/nixos/porcorosso/default.nix index a95ebeae1f..5a9c316032 100644 --- a/ops/nixos/porcorosso/default.nix +++ b/ops/nixos/porcorosso/default.nix @@ -27,6 +27,7 @@ in { ../lib/graphical-client-x11.nix ../lib/plasma.nix ../lib/whitby-distributed.nix + ../lib/quadv-ca/default.nix ]; boot.initrd.availableKernelModules = [