depot/third_party/nixpkgs/nixos/modules/security/acme/mk-cert-ownership-assertion.nix
Default email 14910f5943 Project import generated by Copybara.
GitOrigin-RevId: 5aaed40d22f0d9376330b6fa413223435ad6fee5
2022-01-13 15:06:32 -05:00

4 lines
256 B
Nix

{ cert, group, groups, user }: {
assertion = cert.group == group || builtins.any (u: u == user) groups.${cert.group}.members;
message = "Group for certificate ${cert.domain} must be ${group}, or user ${user} must be a member of group ${cert.group}";
}