Commit 3df41451 authored by Tako Marks's avatar Tako Marks
Browse files

nixos/kanidm: Bind mount cacert path in unixd service 

In order to be able to use the unixd service with the `verify_ca` and
`verify_hostnames` set to `true` it needs to be able to read the
certificate store. This change bind mounts the cacert paths for the
unixd service.
parent 99536a41

nixos/modules/services/security/kanidm.nix

+2 −0
Original line number Diff line number Diff line
@@ -248,6 +248,8 @@ in 
          "-/etc/localtime"

          "-/etc/kanidm"

          "-/etc/static/kanidm"

          "-/etc/ssl"

          "-/etc/static/ssl"

        ];

        BindPaths = [

          # To create the socket