nixos-config/mastus/vmtest.nix

let

  configuration = { config, pkgs, ... }: {
    imports = [ ./configuration.nix ];

    users.extraUsers.gebner.password = "";
    users.users.root.password = "";

    boot.enableContainers = true;

    systemd.services.createSSLKeys = {
      path = [ pkgs.easyrsa ];
      serviceConfig = {
        Type = "oneshot";
        RemainAfterExit = "yes";
      };
      script = ''
rm -rf /etc/sslcerts
mkdir -p /etc/sslcerts/keys
cd /etc/sslcerts

# export PKCS11TOOL="pkcs11-tool"
export KEY_CONFIG=`${pkgs.easyrsa}/share/easy-rsa/whichopensslcnf ${pkgs.easyrsa}/share/easy-rsa/`
export KEY_DIR="$PWD/keys"

# PKCS11 fixes
# export PKCS11_MODULE_PATH="dummy"
# export PKCS11_PIN="dummy"

export KEY_SIZE=1024

export CA_EXPIRE=3650
export KEY_EXPIRE=3650

export KEY_COUNTRY="AT"
export KEY_PROVINCE="AT"
export KEY_CITY="Vienna"
export KEY_ORG="Gabriel"
export KEY_EMAIL="testing@gebner.org"
export KEY_CN=testing.gebner.org
export KEY_NAME=testing.gebner.org
export KEY_OU=testing
# export PKCS11_MODULE_PATH=changeme
# export PKCS11_PIN=1234

clean-all
build-dh
pkitool --initca

KEY_CN=git.gebner.org pkitool --server git
KEY_CN=mail.gebner.org pkitool --server mail

cp keys/ca.crt startssl.cert
cp keys/mail.crt mail.cert
cp keys/mail.key mail-postfix.key
cp keys/mail.key mail-dovecot.key
cp keys/git.crt git.cert
cp keys/git.key mastus.key

      '';
    };

    systemd.services.setupVM = rec {
      wantedBy = [ "gogs.service" "dovecot2.service" ];
      before = wantedBy;
      wants = [ "createSSLKeys.service" ];
      serviceConfig = {
        Type = "oneshot";
        RemainAfterExit = "yes";
      };
      script = ''
        mkdir -p /srv/git.gebner.org
        chown git:git -R /srv/git.gebner.org
      '';
    };
  };

  nixos = import <nixpkgs/nixos> { configuration = configuration; };

in nixos.vm
mastus: nix file for easy vm testing 2015-09-14 17:38:59 +00:00			`let`

			`configuration = { config, pkgs, ... }: {`
			`imports = [ ./configuration.nix ];`

			`users.extraUsers.gebner.password = "";`
			`users.users.root.password = "";`
mastus: mail & git 2015-10-18 12:25:54 +00:00
			`boot.enableContainers = true;`

			`systemd.services.createSSLKeys = {`
			`path = [ pkgs.easyrsa ];`
			`serviceConfig = {`
			`Type = "oneshot";`
			`RemainAfterExit = "yes";`
			`};`
			`script = ''`
			`rm -rf /etc/sslcerts`
			`mkdir -p /etc/sslcerts/keys`
			`cd /etc/sslcerts`

			`# export PKCS11TOOL="pkcs11-tool"`
			export KEY_CONFIG=`${pkgs.easyrsa}/share/easy-rsa/whichopensslcnf ${pkgs.easyrsa}/share/easy-rsa/`
			`export KEY_DIR="$PWD/keys"`

			`# PKCS11 fixes`
			`# export PKCS11_MODULE_PATH="dummy"`
			`# export PKCS11_PIN="dummy"`

			`export KEY_SIZE=1024`

			`export CA_EXPIRE=3650`
			`export KEY_EXPIRE=3650`

			`export KEY_COUNTRY="AT"`
			`export KEY_PROVINCE="AT"`
			`export KEY_CITY="Vienna"`
			`export KEY_ORG="Gabriel"`
			`export KEY_EMAIL="testing@gebner.org"`
			`export KEY_CN=testing.gebner.org`
			`export KEY_NAME=testing.gebner.org`
			`export KEY_OU=testing`
			`# export PKCS11_MODULE_PATH=changeme`
			`# export PKCS11_PIN=1234`

			`clean-all`
			`build-dh`
			`pkitool --initca`

			`KEY_CN=git.gebner.org pkitool --server git`
			`KEY_CN=mail.gebner.org pkitool --server mail`

			`cp keys/ca.crt startssl.cert`
			`cp keys/mail.crt mail.cert`
			`cp keys/mail.key mail-postfix.key`
			`cp keys/mail.key mail-dovecot.key`
			`cp keys/git.crt git.cert`
			`cp keys/git.key mastus.key`

			`'';`
			`};`

			`systemd.services.setupVM = rec {`
			`wantedBy = [ "gogs.service" "dovecot2.service" ];`
			`before = wantedBy;`
			`wants = [ "createSSLKeys.service" ];`
			`serviceConfig = {`
			`Type = "oneshot";`
			`RemainAfterExit = "yes";`
			`};`
			`script = ''`
			`mkdir -p /srv/git.gebner.org`
			`chown git:git -R /srv/git.gebner.org`
			`'';`
			`};`
mastus: nix file for easy vm testing 2015-09-14 17:38:59 +00:00			`};`

			`nixos = import <nixpkgs/nixos> { configuration = configuration; };`

mastus: mail & git 2015-10-18 12:25:54 +00:00			`in nixos.vm`