diff options
author | sefidel <contact@sefidel.net> | 2024-01-24 19:18:11 +0900 |
---|---|---|
committer | sefidel <contact@sefidel.net> | 2024-01-24 19:18:11 +0900 |
commit | 497c3cd7864fdbcc546408d6d86ebfad37aa9b78 (patch) | |
tree | 6cd5bf30b9953156d71192fa96e34a863dda5926 /modules/services/acme.nix | |
parent | a1dc1ff8c07155f697a30145168820612b28b6cd (diff) | |
download | infra-modules.tar.gz infra-modules.zip |
wip: try to use infra-modules infra-modules
Diffstat (limited to 'modules/services/acme.nix')
-rw-r--r-- | modules/services/acme.nix | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/modules/services/acme.nix b/modules/services/acme.nix deleted file mode 100644 index b3ebb26..0000000 --- a/modules/services/acme.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ config, lib, ... }: - -with lib; -let - cfg = config.modules.services.acme; -in -{ - options.modules.services.acme = { - enable = mkEnableOption "ACME certificate manager"; - email = mkOption { - type = types.str; - description = mdDoc '' - The postmaster email address to use. - ''; - }; - certs = mkOption { - type = types.attrsOf - (types.submodule { - options = { - domain = mkOption { - type = types.nullOr types.str; - default = null; - }; - subDomains = mkOption { type = types.listOf types.str; }; - }; - }); - }; - secrets.acme-credentials = mkOption { type = types.str; description = "path to the acme environment file"; }; - }; - - config = mkIf cfg.enable { - security.acme = { - acceptTerms = true; - defaults.email = cfg.email; - certs = mapAttrs - (name: { domain, subDomains }: { - extraDomainNames = lists.forEach subDomains (elem: elem + ".${name}"); - } // { - dnsProvider = "cloudflare"; - dnsPropagationCheck = true; - credentialsFile = cfg.secrets.acme-credentials; - } // optionalAttrs (domain != null) { - domain = domain; - }) - cfg.certs; - }; - - modules.persistence.directories = [ - "/var/lib/acme" - ]; - }; -} |