diff --git a/redis-certificates/ca.crt b/certificates/redis/ca.crt similarity index 100% rename from redis-certificates/ca.crt rename to certificates/redis/ca.crt diff --git a/redis-certificates/ca.key b/certificates/redis/ca.key similarity index 100% rename from redis-certificates/ca.key rename to certificates/redis/ca.key diff --git a/redis-certificates/ca.txt b/certificates/redis/ca.txt similarity index 100% rename from redis-certificates/ca.txt rename to certificates/redis/ca.txt diff --git a/redis-certificates/client.crt b/certificates/redis/client.crt similarity index 100% rename from redis-certificates/client.crt rename to certificates/redis/client.crt diff --git a/redis-certificates/client.key b/certificates/redis/client.key similarity index 100% rename from redis-certificates/client.key rename to certificates/redis/client.key diff --git a/redis-certificates/openssl.cnf b/certificates/redis/openssl.cnf similarity index 100% rename from redis-certificates/openssl.cnf rename to certificates/redis/openssl.cnf diff --git a/redis-certificates/redis.crt b/certificates/redis/redis.crt similarity index 100% rename from redis-certificates/redis.crt rename to certificates/redis/redis.crt diff --git a/redis-certificates/redis.dh b/certificates/redis/redis.dh similarity index 100% rename from redis-certificates/redis.dh rename to certificates/redis/redis.dh diff --git a/redis-certificates/redis.key b/certificates/redis/redis.key similarity index 100% rename from redis-certificates/redis.key rename to certificates/redis/redis.key diff --git a/redis-certificates/server.crt b/certificates/redis/server.crt similarity index 100% rename from redis-certificates/server.crt rename to certificates/redis/server.crt diff --git a/redis-certificates/server.key b/certificates/redis/server.key similarity index 100% rename from redis-certificates/server.key rename to certificates/redis/server.key diff --git a/flake.nix b/flake.nix index 641c5fc..4d2f05b 100644 --- a/flake.nix +++ b/flake.nix @@ -24,7 +24,7 @@ }; extraPaths = [ - ./redis-certificates + ./certificates ]; withOverlays = [ diff --git a/nix/image/bootstrap.sh b/nix/image/bootstrap.sh index 5f85777..50c14c2 100755 --- a/nix/image/bootstrap.sh +++ b/nix/image/bootstrap.sh @@ -59,9 +59,9 @@ if [ -n "${REDIS_TLS:-}" ] then redis-server --protected-mode no \ --tls-port 6379 --port 0 \ - --tls-cert-file /redis-certificates/server.crt \ - --tls-key-file /redis-certificates/server.key \ - --tls-ca-cert-file /redis-certificates/ca.crt & + --tls-cert-file /certificates/redis/server.crt \ + --tls-key-file /certificates/redis/server.key \ + --tls-ca-cert-file /certificates/redis/ca.crt & else redis-server --protected-mode no & fi diff --git a/nix/image/configs/nc/redis-tls.php b/nix/image/configs/nc/redis-tls.php index fecc760..cb454ac 100644 --- a/nix/image/configs/nc/redis-tls.php +++ b/nix/image/configs/nc/redis-tls.php @@ -2,9 +2,9 @@ 'host' => 'tls://127.0.0.1', 'port' => 6379, 'ssl_context' => [ - 'local_cert' => '/redis-certificates/client.crt', - 'local_pk' => '/redis-certificates/client.key', - 'cafile' => '/redis-certificates/ca.crt', + 'local_cert' => '/certificates/redis/client.crt', + 'local_pk' => '/certificates/redis/client.key', + 'cafile' => '/certificates/redis/ca.crt', 'verify_peer_name' => false, ], ], diff --git a/nix/image/haze.nix b/nix/image/haze.nix index 38bc8f9..926f0fa 100644 --- a/nix/image/haze.nix +++ b/nix/image/haze.nix @@ -104,9 +104,9 @@ ''; }; - redis-certificates = runCommand "scripts" {} '' + certificates = runCommand "scripts" {} '' mkdir -p $out - cp -r ${../../redis-certificates} $out/redis-certificates + cp -r ${../../certificates} $out/certificates ''; clamav-data = runCommand "scripts" {} '' mkdir -p $out/etc @@ -170,7 +170,7 @@ in bootstrap configs scripts - redis-certificates + certificates clamav-data shadowSetupScript ]; diff --git a/nix/package.nix b/nix/package.nix index d79a216..fcd6489 100644 --- a/nix/package.nix +++ b/nix/package.nix @@ -7,7 +7,7 @@ inherit (lib) getExe; inherit (lib.sources) sourceByRegex; inherit (builtins) fromTOML readFile; - src = sourceByRegex ../. ["Cargo.*" "(src|redis-certificates)(/.*)?"]; + src = sourceByRegex ../. ["Cargo.*" "(src|certificates)(/.*)?"]; version = (fromTOML (readFile ../Cargo.toml)).package.version; in rustPlatform.buildRustPackage rec { diff --git a/src/main.rs b/src/main.rs index 5eb6e0c..2e4de9b 100644 --- a/src/main.rs +++ b/src/main.rs @@ -421,16 +421,16 @@ async fn main() -> Result { ); if cloud.services().contains(&Service::RedisTls(RedisTls)) { - create_dir_all(config.work_dir.join("redis_certificates")) + create_dir_all(config.work_dir.join("certificates/redis")) .into_diagnostic() .wrap_err("Failed to create redis certificate directory")?; - let redis_cert_path = config.work_dir.join("redis_certificates/client.cert"); - let redis_key_path = config.work_dir.join("redis_certificates/client.key"); - let redis_ca_path = config.work_dir.join("redis_certificates/ca.cert"); + let redis_cert_path = config.work_dir.join("certificates/redis/client.cert"); + let redis_key_path = config.work_dir.join("certificates/redis/client.key"); + let redis_ca_path = config.work_dir.join("certificates/redis/ca.cert"); if !redis_cert_path.exists() { write( &redis_cert_path, - include_bytes!("../redis-certificates/client.crt"), + include_bytes!("../certificates/redis/client.crt"), ) .into_diagnostic() .wrap_err("Failed to write redis client certificate")?; @@ -438,7 +438,7 @@ async fn main() -> Result { if !redis_key_path.exists() { write( &redis_key_path, - include_bytes!("../redis-certificates/client.key"), + include_bytes!("../certificates/redis/client.key"), ) .into_diagnostic() .wrap_err("Failed to write redis client key")?; @@ -446,7 +446,7 @@ async fn main() -> Result { if !redis_ca_path.exists() { write( &redis_ca_path, - include_bytes!("../redis-certificates/ca.crt"), + include_bytes!("../certificates/redis/ca.crt"), ) .into_diagnostic() .wrap_err("Failed to write redis ca certificate")?;