mastus/vmtest: update to new easyrsa version

mastus/vmtest.nix

@@ -16,48 +16,22 @@ let
       };
       script = ''
 rm -rf /etc/sslcerts
-mkdir -p /etc/sslcerts/keys
+mkdir -p /etc/sslcerts
 cd /etc/sslcerts
 
-# export PKCS11TOOL="pkcs11-tool"
+easyrsa-init
-export KEY_CONFIG=`${pkgs.easyrsa}/share/easy-rsa/whichopensslcnf ${pkgs.easyrsa}/share/easy-rsa/`
+easyrsa init-pki
-export KEY_DIR="$PWD/keys"
+easyrsa --batch --req-cn=testing.gebner.org build-ca nopass
+easyrsa --req-cn=gebner.org build-server-full gebner_org nopass
 
-# PKCS11 fixes
+cat pki/issued/gebner_org.crt pki/ca.crt >fullchain.pem
-# export PKCS11_MODULE_PATH="dummy"
+cp pki/private/gebner_org.key key.pem
-# export PKCS11_PIN="dummy"
-
-export KEY_SIZE=1024
-
-export CA_EXPIRE=3650
-export KEY_EXPIRE=3650
-
-export KEY_COUNTRY="AT"
-export KEY_PROVINCE="AT"
-export KEY_CITY="Vienna"
-export KEY_ORG="Gabriel"
-export KEY_EMAIL="testing@gebner.org"
-export KEY_CN=testing.gebner.org
-export KEY_NAME=testing.gebner.org
-export KEY_OU=testing
-# export PKCS11_MODULE_PATH=changeme
-# export PKCS11_PIN=1234
-
-clean-all
-build-dh
-pkitool --initca
-
-KEY_CN=gebner.org pkitool --server gebner_org
-
-cat keys/gebner_org.crt keys/ca.crt >fullchain.pem
-cp keys/gebner_org.key key.pem
 cp key.pem key-dovecot.pem && chown dovecot2 key-dovecot.pem
-
       '';
     };
 
     systemd.services.setupVM = rec {
-      wantedBy = [ "gogs.service" "dovecot2.service" ];
+      wantedBy = [ "gogs.service" "dovecot2.service" "nginx.service" ];
       before = wantedBy;
       wants = [ "createSSLKeys.service" ];
       serviceConfig = {