john/dendritic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

case structure

Browse Source
This commit is contained in:
John Lancaster
2026-03-16 08:37:40 -05:00
parent 2231c5910c
commit 3af6ab0819
1 changed files with 15 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
modules/services/step-ca/mtls.nix
View File

@@ -1,5 +1,6 @@
{ inputs, lib, ... }: { inputs, lib, ... }:
let let
# Options that will be in common between
opts = { opts = {
enable = lib.mkEnableOption "Enable mTLS"; enable = lib.mkEnableOption "Enable mTLS";
caURL = lib.mkOption { caURL = lib.mkOption {
@@ -110,18 +111,20 @@ let
echo "Renewing mTLS certificate" echo "Renewing mTLS certificate"
else else
rc=$? rc=$?
if [ "$rc" -eq 1 ]; then case "$rc" in
1)
echo "mTLS certificate does not need renewal" echo "mTLS certificate does not need renewal"
exit 0 exit 0
fi ;;
2)
if [ "$rc" -eq 2 ]; then
echo "mTLS certificate missing: ${tlsCert}" >&2 echo "mTLS certificate missing: ${tlsCert}" >&2
exit 1 exit 1
fi ;;
*)
echo "step certificate needs-renewal failed with rc=$rc" >&2 echo "step certificate needs-renewal failed with rc=$rc" >&2
exit "$rc" exit "$rc"
;;
esac
fi fi
${lib.getExe pkgs.step-cli} ca renew --force "${tlsCert}" "${tlsKey}" ${lib.getExe pkgs.step-cli} ca renew --force "${tlsCert}" "${tlsKey}"