Hello,
I try to use mkcert with caddy in order to get local ssl certificates.
I didn’t find many code examples on sourcegraph neither on google.
I was able to write this code (not even sure it’s the right way to do this)
let
cert = domain: pkgs.runCommand "cert" { } ''
${pkgs.mkcert}/bin/mkcert ${domain}
'';
in
{
services.caddy = {
enable = true;
virtualHosts = {
"domain.php81.localhost" = {
extraConfig =
''
root * /var/www
file_server
php_fastcgi unix/${config.services.phpfpm.pools.php81.socket}
tls ${cert}/domain.php81.localhost.pem ${cert}/domain.php81.localhost-key.pem
'';
};
};
}
But I get this error at build
ERROR: failed to create the CAROOT: mkdir /homeless-shelter: permission denied
any ideas ?
Thanks
Sandro
March 19, 2023, 10:48pm
2
not sure if what you are doing is general correct but that can be fixed with export HOME=$TMPDIR
or export HOME=$(mktemp -d)
Thanks, it worked !
After that I got another error that I was able to solve
mkCert = domain: pkgs.runCommand "cert" { } ''
HOME=$TMPDIR
${pkgs.mkcert}/bin/mkcert -cert-file ${domain}.pem -key-file ${domain}-key.pem ${domain}
'';
produced the following error
error: builder for '/nix/store/6kwsarsdd10h4s3j5gkz9y3184cfcvzc-cert.drv' failed to produce output path for output 'out' at '/nix/store/6kwsarsdd10h4s3j5gkz9y3184cfcvzc-cert.drv.chroot/nix/store/zwi9rhyj5wpxyv8q4ilrw1nm9ka65w2a-cert'
I found out that adding mkdir $out
solves it.
But can someone explain why in this case I have to create the $out
directory ? I guess this has something to do with runCommand.
Sandro
March 23, 2023, 12:00am
4
runCommand uses mkDerivation under the hood and that must produce a store output otherwise it is counted as a failed build.
1 Like