From 91bd193c60940ea82547a2bde2dbf1e8bda98610 Mon Sep 17 00:00:00 2001
From: Gabriel Ebner <gebner@gebner.org>
Date: Sun, 24 Apr 2016 16:44:51 +0200
Subject: [PATCH] mastus/vmtest: update to new easyrsa version

---
 mastus/vmtest.nix | 42 ++++++++----------------------------------
 1 file changed, 8 insertions(+), 34 deletions(-)

diff --git a/mastus/vmtest.nix b/mastus/vmtest.nix
index 8b026be..047b5c3 100644
--- a/mastus/vmtest.nix
+++ b/mastus/vmtest.nix
@@ -16,48 +16,22 @@ let
       };
       script = ''
 rm -rf /etc/sslcerts
-mkdir -p /etc/sslcerts/keys
+mkdir -p /etc/sslcerts
 cd /etc/sslcerts
 
-# export PKCS11TOOL="pkcs11-tool"
-export KEY_CONFIG=`${pkgs.easyrsa}/share/easy-rsa/whichopensslcnf ${pkgs.easyrsa}/share/easy-rsa/`
-export KEY_DIR="$PWD/keys"
+easyrsa-init
+easyrsa init-pki
+easyrsa --batch --req-cn=testing.gebner.org build-ca nopass
+easyrsa --req-cn=gebner.org build-server-full gebner_org nopass
 
-# PKCS11 fixes
-# export PKCS11_MODULE_PATH="dummy"
-# export PKCS11_PIN="dummy"
-
-export KEY_SIZE=1024
-
-export CA_EXPIRE=3650
-export KEY_EXPIRE=3650
-
-export KEY_COUNTRY="AT"
-export KEY_PROVINCE="AT"
-export KEY_CITY="Vienna"
-export KEY_ORG="Gabriel"
-export KEY_EMAIL="testing@gebner.org"
-export KEY_CN=testing.gebner.org
-export KEY_NAME=testing.gebner.org
-export KEY_OU=testing
-# export PKCS11_MODULE_PATH=changeme
-# export PKCS11_PIN=1234
-
-clean-all
-build-dh
-pkitool --initca
-
-KEY_CN=gebner.org pkitool --server gebner_org
-
-cat keys/gebner_org.crt keys/ca.crt >fullchain.pem
-cp keys/gebner_org.key key.pem
+cat pki/issued/gebner_org.crt pki/ca.crt >fullchain.pem
+cp pki/private/gebner_org.key key.pem
 cp key.pem key-dovecot.pem && chown dovecot2 key-dovecot.pem
-
       '';
     };
 
     systemd.services.setupVM = rec {
-      wantedBy = [ "gogs.service" "dovecot2.service" ];
+      wantedBy = [ "gogs.service" "dovecot2.service" "nginx.service" ];
       before = wantedBy;
       wants = [ "createSSLKeys.service" ];
       serviceConfig = {