os/modules/acme/default.nix

29 lines
569 B
Nix

{
flake,
config,
pkgs,
lib,
...
}:
{
age.secrets."hosting-de-acme-secrets" = {
file = "${flake.self}/secrets/hosting-de-acme-secrets.age";
mode = "400";
owner = "acme";
};
security.acme = {
acceptTerms = true;
defaults = {
email = "jfw@miom.space";
# server = "https://acme-staging-v02.api.letsencrypt.org/directory";
dnsProvider = "hostingde";
dnsPropagationCheck = true;
environmentFile = config.age.secrets."hosting-de-acme-secrets".path;
group = "nginx";
webroot = null;
};
};
}