os/modules/acme/default.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

28 lines
569 B
Nix
Raw Normal View History

{
flake,
config,
pkgs,
lib,
...
}: {
age.secrets."hosting-de-acme-secrets" = {
file = "${flake.self}/secrets/hosting-de-acme-secrets.age";
mode = "400";
owner = "acme";
};
security.acme = {
acceptTerms = true;
defaults = {
email = "jfw@miom.space";
# server = "https://acme-staging-v02.api.letsencrypt.org/directory";
dnsProvider = "hostingde";
dnsPropagationCheck = true;
environmentFile = config.age.secrets."hosting-de-acme-secrets".path;
group = "nginx";
webroot = null;
};
};
}