phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 05:36:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Downgrade OpenSSL used by nginx to 1.1 until there is a security patch for 3.0

Browse source
This commit is contained in:
Paul-Henri Froidmont 2022-11-01 15:52:46 +01:00
parent c0ad9f5359
commit 2487bc13cd
Signed by: phfroidmont
GPG key ID: BE948AFD7E7873BE
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
flake.nix
View file

@ -20,6 +20,10 @@
];
};
};
openssl1_1Overlay = final: prev: {
nginxStable = prev.nginxStable.override { openssl = pkgs.openssl_1_1; };
};
in
{
devShells.x86_64-linux.default = pkgs.mkShell {
@ -50,6 +54,7 @@
./profiles/db.nix
(
{
nixpkgs.overlays = [ openssl1_1Overlay ];
sops.defaultSopsFile = ./secrets.enc.yml;
networking.hostName = "db1";
networking.domain = "banditlair.com";
@ -68,6 +73,7 @@
./profiles/backend.nix
(
{
nixpkgs.overlays = [ openssl1_1Overlay ];
sops.defaultSopsFile = ./secrets.enc.yml;
networking.hostName = "backend1";
networking.domain = "banditlair.com";
@ -88,6 +94,7 @@
./profiles/storage.nix
(
{
nixpkgs.overlays = [ openssl1_1Overlay ];
sops.defaultSopsFile = ./secrets.enc.yml;
networking.hostName = "storage1";
networking.domain = "banditlair.com";