binary tarball: include cacert in root paths
93cc06334
removed nss-cacert from the binary tarball, but they're
necessary for global compatibility (and for our installer). This is what
results in cacerts being in the default profile, so e.g. the daemon has
TLS certs without having to use the system ones.
There's a fallback behavior in the daemon script in case these wind up
missing from the profile, but we don't want to have to rely on that,
since the fallback fails if it doesn't recognize one of a handful of
distros.
Change-Id: I60d8e6f734469548e80d5f38113ef168f67cbf7d
This commit is contained in:
parent
629351163d
commit
a3be742bda
1 changed files with 7 additions and 1 deletions
|
@ -1,11 +1,17 @@
|
||||||
{
|
{
|
||||||
buildPackages,
|
buildPackages,
|
||||||
|
cacert,
|
||||||
nix,
|
nix,
|
||||||
system,
|
system,
|
||||||
version,
|
version,
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
installerClosureInfo = buildPackages.closureInfo { rootPaths = [ nix ]; };
|
installerClosureInfo = buildPackages.closureInfo {
|
||||||
|
rootPaths = [
|
||||||
|
nix
|
||||||
|
cacert
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
meta.description = "Distribution-independent Nix bootstrap binaries for ${system}";
|
meta.description = "Distribution-independent Nix bootstrap binaries for ${system}";
|
||||||
in
|
in
|
||||||
|
|
Loading…
Reference in a new issue