From 885ab9286e4be1f353ee3883361d103791101d7b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Baylac-Jacqu=C3=A9?= Date: Mon, 9 Aug 2021 18:40:56 +0200 Subject: [PATCH] nixosTests.pleroma: increase certificate validity duration Analogous to 6325d15e9001a5cfd3bb7ee901adeed28d844dd6. The test certificate expiration date was set to the default 30 days. This certificate is generated through its own derivation. As with every derivation, it gets cached by cache.nixos.org once we build it. In practice, we rebuild this derivation only if one of its input changes. The only inputs here being openssl and stdenv. While it's not an issue on the unstable branches, it can be problematic on a stable release: the test will fail after 30 days. Extending the certificate lifespan from 1 month to 100 years to prevent it from getting expired while being cached. --- nixos/tests/pleroma.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/tests/pleroma.nix b/nixos/tests/pleroma.nix index 797cac44f956..aacd9e01eb17 100644 --- a/nixos/tests/pleroma.nix +++ b/nixos/tests/pleroma.nix @@ -163,7 +163,7 @@ import ./make-test-python.nix ({ pkgs, ... }: ''; tls-cert = pkgs.runCommandNoCC "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } '' - openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=pleroma.nixos.test' + openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=pleroma.nixos.test' -days 36500 mkdir -p $out cp key.pem cert.pem $out '';