phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 21:57:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Downgrade OpenSSL used by nginx to 1.1 until there is a security patch for 3.0

Browse source
This commit is contained in:
Paul-Henri Froidmont 2022-11-01 15:52:46 +01:00
parent c0ad9f5359
commit 2487bc13cd
Signed by: phfroidmont
GPG key ID: BE948AFD7E7873BE
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
flake.nix
View file

@ -20,6 +20,10 @@
]; ];
}; };
}; };
openssl1_1Overlay = final: prev: {
nginxStable = prev.nginxStable.override { openssl = pkgs.openssl_1_1; };
};
in in
{ {
devShells.x86_64-linux.default = pkgs.mkShell { devShells.x86_64-linux.default = pkgs.mkShell {
@ -50,6 +54,7 @@
./profiles/db.nix ./profiles/db.nix
( (
{ {
nixpkgs.overlays = [ openssl1_1Overlay ];
sops.defaultSopsFile = ./secrets.enc.yml; sops.defaultSopsFile = ./secrets.enc.yml;
networking.hostName = "db1"; networking.hostName = "db1";
networking.domain = "banditlair.com"; networking.domain = "banditlair.com";
@ -68,6 +73,7 @@
./profiles/backend.nix ./profiles/backend.nix
( (
{ {
nixpkgs.overlays = [ openssl1_1Overlay ];
sops.defaultSopsFile = ./secrets.enc.yml; sops.defaultSopsFile = ./secrets.enc.yml;
networking.hostName = "backend1"; networking.hostName = "backend1";
networking.domain = "banditlair.com"; networking.domain = "banditlair.com";
@ -88,6 +94,7 @@
./profiles/storage.nix ./profiles/storage.nix
( (
{ {
nixpkgs.overlays = [ openssl1_1Overlay ];
sops.defaultSopsFile = ./secrets.enc.yml; sops.defaultSopsFile = ./secrets.enc.yml;
networking.hostName = "storage1"; networking.hostName = "storage1";
networking.domain = "banditlair.com"; networking.domain = "banditlair.com";