alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity

nixos-install: Pass CA cert bundle to chroot.

Browse source 
Since we're using HTTPS for the binary cache (introduced in faf0797) by
default, the binary cache should also be available during installation.

The file that is defined in SSL_CERT_FILE outside of the chroot is
copied over to /tmp/ca-cert.crt inside the chroot, so we have an
absolute path we can reference during nixos-install. However, this might
end up with the file not being cleaned up properly from outside of the
store, but neither would be /tmp/root so the cleanup issue needs to be
solved in another place (or commit to be more exact).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This commit is contained in:
aszlig 2014-12-12 02:56:11 +01:00
parent f2e20fa837
commit cf7f15c92c
No known key found for this signature in database
GPG key ID: D0EBD0EC8C2DC961
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
nixos/modules/installer/tools/nixos-install.sh
View file

@ -89,6 +89,12 @@ ln -s /run $mountPoint/var/run
rm -f $mountPoint/etc/{resolv.conf,hosts} rm -f $mountPoint/etc/{resolv.conf,hosts}
cp -Lf /etc/resolv.conf /etc/hosts $mountPoint/etc/ cp -Lf /etc/resolv.conf /etc/hosts $mountPoint/etc/
if [ -e "$SSL_CERT_FILE" ]; then
cp -Lf "$SSL_CERT_FILE" "$mountPoint/tmp/ca-cert.crt"
export SSL_CERT_FILE=/tmp/ca-cert.crt
# For Nix 1.7
export CURL_CA_BUNDLE=/tmp/ca-cert.crt
fi
if [ -n "$runChroot" ]; then if [ -n "$runChroot" ]; then
if ! [ -L $mountPoint/nix/var/nix/profiles/system ]; then if ! [ -L $mountPoint/nix/var/nix/profiles/system ]; then