From 9492129c75656885829f23126191993ccc0b112f Mon Sep 17 00:00:00 2001
From: Andrew Marshall <andrew@johnandrewmarshall.com>
Date: Wed, 12 Oct 2022 12:57:18 -0400
Subject: [PATCH] Always set NIX_SSL_CERT_FILE

Some things in nixpkgs expect this to be set. E.g.

    NIX_SSL_CERT_FILE= ruby -r net/http -e 'Net::HTTP.get(URI("https://example.com"))'

With `ruby` from Nixpkgs will always fail with e.g.

> SSL_connect returned=1 errno=0 state=error: certificate verify failed
> (unable to get local issuer certificate) (OpenSSL::SSL::SSLError)

However, with NIX_SSL_CERT_FILE set correctly, will succeed.
---
 install-nix.sh | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/install-nix.sh b/install-nix.sh
index 17b0980..27c6e5b 100755
--- a/install-nix.sh
+++ b/install-nix.sh
@@ -72,11 +72,10 @@ done
 
 sh "$workdir/install" "${installer_options[@]}"
 
+cert_file=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt
+echo "NIX_SSL_CERT_FILE=$cert_file" >> "$GITHUB_ENV"
+export NIX_SSL_CERT_FILE=$cert_file
 if [[ $OSTYPE =~ darwin ]]; then
-  # macOS needs certificates hints
-  cert_file=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt
-  echo "NIX_SSL_CERT_FILE=$cert_file" >> "$GITHUB_ENV"
-  export NIX_SSL_CERT_FILE=$cert_file
   sudo launchctl setenv NIX_SSL_CERT_FILE "$cert_file"
 fi