44 lines
1.2 KiB
Nix
44 lines
1.2 KiB
Nix
|
{
|
||
|
config,
|
||
|
lib,
|
||
|
pkgs,
|
||
|
self,
|
||
|
...
|
||
|
}: let
|
||
|
exDomain = (import ./ex-domain.nix) lib;
|
||
|
pubsolarDomain = import ./pubsolar-domain.nix;
|
||
|
|
||
|
hostingdeProviderConf = {
|
||
|
dnsProvider = "hostingde";
|
||
|
credentialsFile = "${pkgs.writeText "hostingde-creds" ''
|
||
|
HOSTINGDE_API_KEY_FILE=${config.age.secrets."hosting.de-api.key".path}
|
||
|
''}";
|
||
|
};
|
||
|
in {
|
||
|
age.secrets."hosting.de-api.key" = {
|
||
|
file = "${self}/secrets/hosting.de-api.key";
|
||
|
mode = "440";
|
||
|
owner = "acme";
|
||
|
};
|
||
|
|
||
|
security.acme = {
|
||
|
acceptTerms = true;
|
||
|
defaults.email = "acme@benjaminbaedorf.eu";
|
||
|
|
||
|
certs."b12f.io" = hostingdeProviderConf;
|
||
|
certs."mail.b12f.io" = hostingdeProviderConf;
|
||
|
certs."transmission.b12f.io" = hostingdeProviderConf;
|
||
|
|
||
|
certs."${exDomain}" = hostingdeProviderConf;
|
||
|
certs."mail.${exDomain}" = hostingdeProviderConf;
|
||
|
|
||
|
certs."${pubsolarDomain}" = hostingdeProviderConf;
|
||
|
certs."www.${pubsolarDomain}" = hostingdeProviderConf;
|
||
|
certs."auth.${pubsolarDomain}" = hostingdeProviderConf;
|
||
|
certs."git.${pubsolarDomain}" = hostingdeProviderConf;
|
||
|
certs."ci.${pubsolarDomain}" = hostingdeProviderConf;
|
||
|
certs."list.${pubsolarDomain}" = hostingdeProviderConf;
|
||
|
certs."obs-portal.${pubsolarDomain}" = hostingdeProviderConf;
|
||
|
};
|
||
|
}
|