diff --git a/modules/garage/default.nix b/modules/garage/default.nix index 9f3dec4..68b9bca 100644 --- a/modules/garage/default.nix +++ b/modules/garage/default.nix @@ -31,6 +31,8 @@ security.acme = { defaults = { + # LEGO_DISABLE_CNAME_SUPPORT=true set here to fix issues with CNAME + # detection, as we use wildcard DNS for garage environmentFile = config.age.secrets.acme-namecheap-env.path; }; certs = { @@ -40,7 +42,6 @@ webroot = null; # enable dns challenge dnsProvider = "namecheap"; - dnsPropagationCheck = false; }; # Wildcard certificate gets created automatically "web.${config.pub-solar-os.networking.domain}" = { @@ -48,7 +49,6 @@ webroot = null; # enable dns challenge dnsProvider = "namecheap"; - dnsPropagationCheck = false; }; }; }; diff --git a/secrets/acme-namecheap-env.age b/secrets/acme-namecheap-env.age index 4a90b58..684c30f 100644 --- a/secrets/acme-namecheap-env.age +++ b/secrets/acme-namecheap-env.age @@ -1,47 +1,48 @@ age-encryption.org/v1 --> ssh-ed25519 NID4eA ST5vuBY34mBdhLIkNLqaIOY9Bbp34OcNCm5t39OpR1U -abFLT6kV7/nX/wSV+V/2GSCa2vOuZgCnn5edh5ixNxg --> ssh-ed25519 9RQHxg AXA6PsHeeFJh55sX5uO+HVshRlRzNxvSIGCpPChorUA -30i8zc2wjovEn0LLh8YzUupRGeQQqeMf6Mhkx2t5xhk --> ssh-ed25519 eP5MMw ZXLt8+mk1I4CtbXe7fAW69kbHViKHSmfI5N0bU738yc -lexop3bpWsTUdd3y5y0kODgKwhdOeF76Meavv/Br54M --> ssh-ed25519 uYcDNw UdYgsm2ZxtFOPXV9pnSt5d7K/hWfrg2GoVzG48ziOFc -EXvAGb9aPu3GLsjl0QXEQgVuiHKSrQaMEW0UBcQmpZA +-> ssh-ed25519 NID4eA WtfgDmnK5l9s9DMhWgmk+tel+/uqPx8SHBd0qfWY3jk +ZS3Qu4v3pnA+lYzJ3kad7T3LhcY7oE8fPsGQ1uQH1AA +-> ssh-ed25519 9RQHxg SpHG3ijNizTi1YXvZCJS79Uwt4oGkYzqIme+eqQi9AQ +GqVhyfaTF6tLwuo0vIby0vBv3JufHz59IdNX9ifWtSA +-> ssh-ed25519 eP5MMw 9uU7tlyOzOxlsW/bfUmzjgicU3i2J5uCGWEVIljnHiM +tDJdTB1rBJTXVaGFOOmtG5n2Ae0XOCsi41S0EagRmeM +-> ssh-ed25519 uYcDNw ge+lEVE8+pS/S+eO+6sPqo/czym30CJbQnhTp11NsW4 +jxL7Xhn/7JRylJ/JbeGkmhMMeJ8G2KPEKVVq1icQXKU -> ssh-rsa f5THog -r7bcUkt6dUxG5uYuLYfpfT+/DrConi8lzZwXQr/NTPc0NduG5qHktgesVpVN1Hyj -a9ziumKtnSxmhdzJESRMezkQG7fK7qpjQI99tYmIM3unjq/dg8/GTQbMKnZY57o+ -Itu0LW9MKH83Z/3Vcv3qLZmULtcsfcXqjwIr2SDOjjsMhENG4KmOzX6wOVYuSWkp -96fSGuFCy5cWrd6omfcqwQDGHd7APw6+bHwQ2rhCqkGSk+fAjJFEVgjKYowHtt+5 -sq1a7E5xZjNAETU9xw+baehMCXwSAuUdYGK5KTLtCar3c+FLPUtfapadsAR65iB5 -/uqoRLZidpFkFl1yDsboo0uq0esRSrb9xy0KXIR7XeKaEjSKKgwFeefZrQ1Z968f -opXm/rmgkh202vO2NLQfDUz81hBrW+JH6E/SmKIYGYFIauoaxmYWzpaSmq7IAfIj -2pxVyz74ryaYU9brJB/LsWc0elCcl1zo/e0OcxaLzzocDftpNk+dmYNQ5GuLFV9K -uKh9uOopqTcrSLKiQ3Jnvsj5LEltv7oJE4u2OZyR6erCpz6ZL0bb2xJ+EkRTuvq5 -2ktXvSCMOWp0j7pHDeMQaldU656w0AS9JgoOSl22euZBFC1qxwvymFYNPLAAQBTU -bojIYFtJQGv3hrCgAWSJXL5yEcVVBUQV4GU0EAelq6k +Ybod3f7gvCiBUcNyLV6AXoBchtRGspQah9JwygSGCtBKmWPOUSw3/DVva9nPVwHB +q4t05bEHINMZIoWy4l3VQ1jw+GTxW+6OeWDHrxHOG2hlu1/OT0tZnsQIjWwT/6Sg +fzy6X04yD2ADkwHH6VJYjC2Lxa7kEOeCeKOACyyab7rlXk+HauytUDlcF3Nl3nOc +JQZzfwIORU0XWVy+gDocwVqDaRJXZxhMW8oDjlU8BKgf/DpvExLfuZ9AHHJBU0Y9 +HefbTbGO1s5J0T+HEkuIDce9iPQEe8ufaSVO6tKyHpgguIAiLIkjqrdLNRmXv/y8 +9W653Xqar7fimd/sykb4K/PpdwvQcB9Ogy23t6s3Qxz5yPtC2m8IC3lgR+N+/nJO +n29QuXFBNUZu/QBXnWMS2QF09MGE2aav/CiwFuNiTf5D4UGGN3Y7XhX/KVOFJTZX +r1GLtch6rvD9RtfyKxAdbtCqbBEQJmoiut9ia5EzG4TvdPAE4XK3QNTn2BSmfjvI +3aXiXOFSbdJqkxyI6ZU2mUMMor3OWrXxWizDDYef6iHZxGlWFqA/kVXyZgdwTK9n +8Re6SYR8roH7T35eILzP4sskElN32UO/A+JyGfP1lOclGTlOrtp4HYTfY0NhhRJT +L7YIB0pNbaRxMBsxsxwU47j3qMkaO1uzP+DgpUacWJY -> ssh-rsa kFDS0A -dc3I3vVWe3V5XtUaNsIuFdes+nN7D981BPS9CdyQv/lDHf+G+KecyqeqPF1ZHq/F -emnfGZDGjemSjd5hPDLkFKQ2zmKH+qabH5s2YYH3OgQc4xtdVfuhfEH+MAgO2ajy -1PFAu9qyCXz8h30LIcXI69rILAUPrFbWGFxfAEAjV5PXdOj9BcDDpa6vafY9etVL -mQQYSIyocUkFNhYUAivXcNzQEW5RY1sJkW4184BTdNyqnjBd1QtIRryssaod3rC6 -oGfxFUoOSG0o4QtrZfoo7Re8sR5gLVZrjBsoUAihQ/PgTk69JRsmAHef63rfNHO/ -4tmQzDA2F+cj1HtPPqpyetBRoxaRmJiNy4pmEkxFh3I9YSYdWPCDm6ntXcxi6KNK -G41LzGy882EsiXeKAtX88FndEv70Ks7aXCk8RKiCJDRWUQAZhKfWN4/epZRwRupI -ESceZCAElqI1QDyFnfuvDRkgjvyCeMqRG0vvgvTQdUW/2CSADeqKe0/MwNiwWFGJ -g8jg9zZk7lT6AiqsclsmbW6hLA/+Gh8Yn7uuix57NxlNcB/MFoKVhLRlEfqSQz3O -ZeEs0aGS5Q3GB1Up5dh5ug7QiMxNyGPKtZKCfE/fcVriGV1s7mdMk/v6DBGRDZYP -cZT2eCqO4CR498DcZmEGmblzM5j5HecoIT1MRlpKGnE --> piv-p256 vRzPNw ApGjOu3qnsHn8q8MRNsM+hK8FdQa7c4mjWvBDgV6zzYr -zLZTP4agbTP96RdSDRaQE0QLCdiAw7PVgS7vqHCiOc0 --> piv-p256 zqq/iw A1RFt8g45pY/xKZHYRcrIKFWWVu1moRiEqYUNFzIMQnq -NLOrT+6BNE0Oj/RbTZ08y75o2+/Ze2iFEHU08WDkUPo --> ssh-ed25519 YFSOsg rHIQYA0LpOtjV/Qy5FvsLkICwAHny1wcRji2t+nk7Uk -yvU8CdJAvt1TUlC8GjdBWvV49UzPJsrGSdjM1SBk3KE --> ssh-ed25519 iHV63A cTbbkXP0/MCZopICjPI4FlFPNhwJUQRzfhvkQ+0tMW0 -WQYU05l05fp9WriD/DcImXpq1QxtGYt9HMCQZEvFmv4 --> ssh-ed25519 BVsyTA d/HQ6tLuyFmCbWNx2Y34f3lX7wmHkRjnXle4y7DYiC0 -TLk1E+wSdZjoNEhn6VYjVg9WUOU7Flntx0+lF4AY/kQ --> ssh-ed25519 +3V2lQ Pjkt+aKYUa9w4qELEpYc6bm2EfBPf0HhmHAXAfix3wA -zL+wczUJ632M+9PSEWTLc0UikNL1QSFyjuaKqvY8NQo ---- +CyD1ByF5fDQgtfi7NfiASk8ldY8LOJE/nOUe/JnSFE -^QlH2(B ^qa;Y[bIۡc7[YiMԑ٫)qa,Rcr^Len~w piv-p256 vRzPNw A2dcPImS0ih5CjePQP5oPrPfwns6zAMP0J72P7fyzD/A +p46umKyZjbc1MjOQGnJIRu6V99O+/PmVXQvryX/9XW4 +-> piv-p256 zqq/iw A5nBHU2O+bxsFqplf2GV6pK5wQ+hJ9l7tyFIe57QVKzw +Ik6aUY3t4geZ3yiWPqBGlBem9xNU83x7t3UA7pYB55I +-> ssh-ed25519 YFSOsg OhynWXlurzqU3ohq1ecH018Ja4wyWazDLv6isajeBUE +Xnjo8yS9IkMwCGNeLi6BABYxjXDLbpuTrVfwAxjDWdQ +-> ssh-ed25519 iHV63A 5CVIOtSwima5gIvwoAYExcy1tfOo8942RQ+SsflPbAM +4HV21GcuyddIjonOZZFgjgpR5smjce7OlMN3DCy0/sU +-> ssh-ed25519 BVsyTA mkLu2Vpr16bAZWimh6sViq5HlB1+lNOc2WPCxzgfqAg +cIDgWit139jipd7XmZcT8mTRDKK8rJV9xIxIaPVL9pM +-> ssh-ed25519 +3V2lQ eqfktAyV2Pia7T7XEfcYiHN9Jd4zivMzJk3in4XOTx0 +gZzO+MTyBOJR1EgGn4Mhh4rnIyr3N9gmlFty83ou+GU +--- yJrzTzStOkRCNRu3Y+knfqTqHrwW0S0Bsko7oG/s86o +,BgmfT`1&1%7Q(:? +jO_rqwiOD)@0ZK'+apU<`ct. XN+h='Vn^HHv5aanKDי \ No newline at end of file