teidesu/nixfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(koi): use security.acme.defaults

Browse source
This commit is contained in:
alina 🌸 2024-11-23 16:40:44 +03:00
parent 5fe8c75a26
commit b893d6e21e
Signed by: teidesu
SSH key fingerprint: SHA256:uNeCpw6aTSU4aIObXLvHfLkDa82HWH9EiOj9AXOIRpI
1 changed files with 14 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
hosts/koi/services/nginx.nix
View file

@ -66,28 +66,27 @@
systemd.services.nginx.after = [ "coredns.service" ]; systemd.services.nginx.after = [ "coredns.service" ];
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
security.acme.defaults.dnsResolver = "8.8.8.8:53"; # coredns tends to cache these too much security.acme.defaults = {
security.acme.certs = let dnsResolver = "8.8.8.8:53"; # coredns tends to cache these too much
common = { email = "alina@tei.su";
email = "alina@tei.su"; group = "nginx";
group = "nginx"; dnsProvider = "cloudflare";
dnsProvider = "cloudflare"; credentialFiles = {
credentialFiles = { "CLOUDFLARE_EMAIL_FILE" = config.desu.secrets.cloudflare-email.path;
"CLOUDFLARE_EMAIL_FILE" = config.desu.secrets.cloudflare-email.path; "CLOUDFLARE_API_KEY_FILE" = config.desu.secrets.cloudflare-token.path;
"CLOUDFLARE_API_KEY_FILE" = config.desu.secrets.cloudflare-token.path;
};
}; };
in { };
"stupid.fish" = common // { security.acme.certs = {
"stupid.fish" = {
extraDomainNames = [ "*.stupid.fish" ]; extraDomainNames = [ "*.stupid.fish" ];
}; };
"tei.su" = common // { "tei.su" = {
extraDomainNames = [ "*.tei.su" ]; extraDomainNames = [ "*.tei.su" ];
}; };
"tei.pet" = common // { "tei.pet" = {
extraDomainNames = [ "*.tei.pet" ]; extraDomainNames = [ "*.tei.pet" ];
}; };
"s3.stupid.fish" = common // { "s3.stupid.fish" = {
extraDomainNames = [ "*.s3.stupid.fish" ]; extraDomainNames = [ "*.s3.stupid.fish" ];
}; };
}; };