Merge pull request 'feature(ssl/tls): add my homelab pki root ca to the trust store' (#12) from feature/add_homelab_ca into main

Reviewed-on: #12

hosts/neon/configuration.nix

@@ -4,6 +4,7 @@
   imports = [
     ../../modules/nixos/audio.nix
     ../../modules/nixos/bootloader.nix
+    ../../modules/nixos/certificates.nix
     ../../modules/nixos/gnupg.nix
     ../../modules/nixos/locales.nix
     ../../modules/nixos/networking.nix

modules/nixos/certificates.nix

@@ -0,0 +1,22 @@
+{ config, lib, pkgs, ... }:
+
+let
+  caddyRootCA = ''
+    -----BEGIN CERTIFICATE-----
+    MIIBozCCAUmgAwIBAgIQf2N1DGp2HVOoPaGuGDEnwjAKBggqhkjOPQQDAjAwMS4w
+    LAYDVQQDEyVDYWRkeSBMb2NhbCBBdXRob3JpdHkgLSAyMDI1IEVDQyBSb290MB4X
+    DTI1MTEwNjE5NDA1OFoXDTM1MDkxNTE5NDA1OFowMDEuMCwGA1UEAxMlQ2FkZHkg
+    TG9jYWwgQXV0aG9yaXR5IC0gMjAyNSBFQ0MgUm9vdDBZMBMGByqGSM49AgEGCCqG
+    SM49AwEHA0IABGR9mSgKCSjvcv7LvvIcO84Wpf/KtC/aexT5shSKXd1R97kIyMI5
+    SUYz0MzbRZHJ4QMpIeALirOK9Eoy2zht0dKjRTBDMA4GA1UdDwEB/wQEAwIBBjAS
+    BgNVHRMBAf8ECDAGAQH/AgEBMB0GA1UdDgQWBBRHKfIfJrrA2DACFrunVSmdnJHO
+    1zAKBggqhkjOPQQDAgNIADBFAiAoqc0+cHeq/8SQN16CKjVvXpZuMkg7NLDoWYMw
+    KgmzowIhAJlkxzBdVngwnJu8uPrVizTGF6XtmUHdJ0NDeccEqUCr
+    -----END CERTIFICATE-----
+  '';
+in
+{
+  security.pki.certificates = [
+    caddyRootCA # self-signed pki ca for my home-lab
+  ];
+}