Add expression for generating linkerd trust anchors

2020-11-12 10:06:54 +01:00
parent 9e79911b1d
commit 55aaad91be
2 changed files with 37 additions and 20 deletions
--- a/modules/linkerd-certs.nix
+++ b/modules/linkerd-certs.nix
@@ -0,0 +1,16 @@
+{ pkgs, ... }:
+let
+  identity = import ./initca.nix {
+    inherit pkgs;
+    name = "linkerd-identity-ca";
+    hosts = [ "identity.linkerd.cluster.local" ];
+  };
+
+  webhook = import ./initca.nix {
+    inherit pkgs;
+    name = "linkerd-webhook-ca";
+    hosts = [ "webhook.linkerd.cluster.local" ];
+  };
+in {
+    inherit identity webhook;
+}