diff options
Diffstat (limited to 'modules/services/acme.nix')
-rw-r--r-- | modules/services/acme.nix | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/modules/services/acme.nix b/modules/services/acme.nix deleted file mode 100644 index b3ebb26..0000000 --- a/modules/services/acme.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ config, lib, ... }: - -with lib; -let - cfg = config.modules.services.acme; -in -{ - options.modules.services.acme = { - enable = mkEnableOption "ACME certificate manager"; - email = mkOption { - type = types.str; - description = mdDoc '' - The postmaster email address to use. - ''; - }; - certs = mkOption { - type = types.attrsOf - (types.submodule { - options = { - domain = mkOption { - type = types.nullOr types.str; - default = null; - }; - subDomains = mkOption { type = types.listOf types.str; }; - }; - }); - }; - secrets.acme-credentials = mkOption { type = types.str; description = "path to the acme environment file"; }; - }; - - config = mkIf cfg.enable { - security.acme = { - acceptTerms = true; - defaults.email = cfg.email; - certs = mapAttrs - (name: { domain, subDomains }: { - extraDomainNames = lists.forEach subDomains (elem: elem + ".${name}"); - } // { - dnsProvider = "cloudflare"; - dnsPropagationCheck = true; - credentialsFile = cfg.secrets.acme-credentials; - } // optionalAttrs (domain != null) { - domain = domain; - }) - cfg.certs; - }; - - modules.persistence.directories = [ - "/var/lib/acme" - ]; - }; -} |