about summary refs log tree commit diff
path: root/nixos/cobalt/services/acme.nix
diff options
context:
space:
mode:
authorsefidel <contact@sefidel.net>2023-02-06 18:11:33 +0900
committersefidel <contact@sefidel.net>2023-02-06 18:11:33 +0900
commited8f7258538bcf3f2d2d62ab497a895ee441b41b (patch)
tree2b4b96bbf5265e603ac77cc2e296fb39923f0bbd /nixos/cobalt/services/acme.nix
parentb0e8933004d53f01a2f014c051dcd499fc42a026 (diff)
downloadnixrc-ed8f7258538bcf3f2d2d62ab497a895ee441b41b.tar.gz
nixrc-ed8f7258538bcf3f2d2d62ab497a895ee441b41b.zip
feat(nixos/cobalt): acme: specify subdomains instead of wildcard
Diffstat (limited to 'nixos/cobalt/services/acme.nix')
-rw-r--r--nixos/cobalt/services/acme.nix6
1 files changed, 5 insertions, 1 deletions
diff --git a/nixos/cobalt/services/acme.nix b/nixos/cobalt/services/acme.nix
index b41ae1c..d28bfc7 100644
--- a/nixos/cobalt/services/acme.nix
+++ b/nixos/cobalt/services/acme.nix
@@ -7,7 +7,11 @@ in
     defaults.email = poorObfuscation "sefidel.com" "postmaster";
     certs = {
       "sefidel.com" = {
-        domain = "*.sefidel.com";
+        domain = "sefidel.com";
+        extraDomainNames = [
+          "bouncer.sefidel.com"
+          "git.sefidel.com"
+        ];
         dnsProvider = "hetzner";
         dnsPropagationCheck = true;
         credentialsFile = "/persist/secrets/hetzner.key";