pki: add nextdns ca

author: Fuwn <[email protected]> 2024-09-29 00:42:16 -0700
committer: Fuwn <[email protected]> 2024-09-29 00:42:16 -0700
commit: 8752a65ba7c21e42661c386004dc8bfdd4cc3816 (patch)
tree: 8e0b6cf8e198c73e9e3f71b7b3b72c1c157861cd /modules/desktop/security/pki.nix
parent: lock: rui, tsutsumi (diff)
download: nixos-config-8752a65ba7c21e42661c386004dc8bfdd4cc3816.tar.xz
nixos-config-8752a65ba7c21e42661c386004dc8bfdd4cc3816.zip
1 files changed, 7 insertions, 2 deletions
diff --git a/modules/desktop/security/pki.nix b/modules/desktop/security/pki.nix
index b804fc5..c781040 100644
--- a/modules/desktop/security/pki.nix
+++ b/modules/desktop/security/pki.nix
@@ -1,7 +1,12 @@
-{ lib, ... }:
+{ pkgs, ... }:
 {
   security.pki = {
-    certificates = lib.mkForce [ ];
+    certificateFiles = [
+      (pkgs.fetchurl {
+        url = "https://nextdns.io/ca";
+        hash = "sha256-yl+2q4H/a8SLGv4Mt+g8+03uy9ihZxACbsj3uCTog34=";
+      })
+    ];
 
     caCertificateBlacklist = [
       "AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
author	Fuwn <[email protected]>	2024-09-29 00:42:16 -0700
committer	Fuwn <[email protected]>	2024-09-29 00:42:16 -0700
commit	8752a65ba7c21e42661c386004dc8bfdd4cc3816 (patch)
tree	8e0b6cf8e198c73e9e3f71b7b3b72c1c157861cd /modules/desktop/security/pki.nix
parent	lock: rui, tsutsumi (diff)
download	nixos-config-8752a65ba7c21e42661c386004dc8bfdd4cc3816.tar.xz nixos-config-8752a65ba7c21e42661c386004dc8bfdd4cc3816.zip