From 7326c1f3f196f734ec945b46bbd18dc4f76b9d0f Mon Sep 17 00:00:00 2001
From: vindard <17693119+vindard@users.noreply.github.com>
Date: Fri, 27 Oct 2023 14:23:35 -0400
Subject: [PATCH] fix: ensure cacert is present in /nix/store in image

---
 flake.nix | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/flake.nix b/flake.nix
index fd9a51577e..b4ddb3f15d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -175,12 +175,12 @@
           consent = nextDerivation {pkgName = "consent";};
           dashboard = nextDerivation {pkgName = "dashboard";};
 
-          dockerImage = pkgs.dockerTools.buildImage {
+          dockerImage = dockerTools.buildImage {
             name = "galoy-dev";
             tag = "latest";
 
             # Optional base image to bring in extra binaries for debugging etc.
-            fromImage = pkgs.dockerTools.pullImage {
+            fromImage = dockerTools.pullImage {
               imageName = "ubuntu";
               imageDigest = "sha256:4c32aacd0f7d1d3a29e82bee76f892ba9bb6a63f17f9327ca0d97c3d39b9b0ee";
               sha256 = "f1661f16a23427d0eda033ffbf7df647a6f71673b78ee24961fae27978691d4f";
@@ -190,11 +190,16 @@
 
             config = {
               Cmd = ["bash"];
+              Env =
+                [
+                  "GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt"
+                  "SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt"
+                ];
             };
 
-            copyToRoot = pkgs.buildEnv {
+            copyToRoot = buildEnv {
               name = "image-root";
-              paths = nativeBuildInputs ++ [ pkgs.bash ];
+              paths = nativeBuildInputs ++ [ bash ];
               pathsToLink = [ "/bin" ];
             };
           };