diff options
| author | W. Kosior <koszko@koszko.org> | 2025-03-13 10:46:21 +0100 |
|---|---|---|
| committer | W. Kosior <koszko@koszko.org> | 2025-03-13 10:46:21 +0100 |
| commit | 074ec7c48f908132bd7e0e254159e7b298248543 (patch) | |
| tree | ddee8ed17d55eb308fd643fb5736d69be09f3f49 | |
| parent | b0f45d21b84f7befd1f4e0bfaae42a04f43381df (diff) | |
| download | koszko-org-guix-server-074ec7c48f908132bd7e0e254159e7b298248543.tar.gz koszko-org-guix-server-074ec7c48f908132bd7e0e254159e7b298248543.zip | |
Correct the certs/key generation for OpenVPN.
| -rw-r--r-- | salamina.scm | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/salamina.scm b/salamina.scm index 70785e3..59cf965 100644 --- a/salamina.scm +++ b/salamina.scm @@ -844,7 +844,7 @@ view:addr('0.0.0.0/0', policy.all(policy.DENY)) (umask initial-umask))) (with-directory-excursion "/etc/openvpn" - (unless (and-map file-exists? '("ca.crt" "server.crt" "server.key")) + (unless (and-map file-exists? '("server.crt" "server.key")) (with-output-to-file "x509.ext" (lambda () (display "\ @@ -876,10 +876,10 @@ authorityKeyIdentifier = keyid,issuer:always (invoke/quiet openssl "x509" "-req" "-sha256" "-extfile" "x509.ext" "-extensions" "ca" "-in" "server.csr" "-signkey" "server.key" - "-days" "10095" "-out" "server.crt") + "-days" "10095" "-out" "server.crt")) - (unless (file-exists? "dh4096.pem") - (invoke/quiet openssl "dhparam" "-out" "dh4096.pem" "4096"))))))) + (unless (file-exists? "dh4096.pem") + (invoke/quiet openssl "dhparam" "-out" "dh4096.pem" "4096")))))) (prepend %services (service vpn:openvpn-server-service-type |