From 0ed17847d32885b3400dd7f33920898445a7a505 Mon Sep 17 00:00:00 2001
From: Alejandro Soto <alejandro@34project.org>
Date: Sat, 20 Jul 2024 16:02:20 -0600
Subject: sys/pki: initial commit, declares mail-fullchain-crl

---
 sys/pki/chains/default.nix | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 sys/pki/chains/default.nix

(limited to 'sys/pki/chains/default.nix')

diff --git a/sys/pki/chains/default.nix b/sys/pki/chains/default.nix
new file mode 100644
index 0000000..5bbde43
--- /dev/null
+++ b/sys/pki/chains/default.nix
@@ -0,0 +1,24 @@
+{ lib, ... }:
+with lib; {
+  options.local.pki.chains =
+    let
+      chainType = mkOption {
+        type = types.path;
+        readOnly = true;
+      };
+    in
+    {
+      mail-fullchain-crl = chainType;
+    };
+
+  config.local.pki.chains = {
+    # Orden de concatenación de mail-fullchain-crl.crt:
+    # - Issuing CA cert
+    # - Issuing CA CRL
+    # - Intermediate CA cert
+    # - Intermediate CA CRL
+    # - Root CA cert
+    # - Root CA CRL
+    mail-fullchain-crl = ./mail-fullchain-crl.crt;
+  };
+}
-- 
cgit v1.2.3