19 lines
489 B
Nix
19 lines
489 B
Nix
{ config, ... }:
|
|
{
|
|
age.secrets.environments-acme = {
|
|
file = ../../../secrets/environments/acme.age;
|
|
};
|
|
|
|
security.acme.acceptTerms = true;
|
|
security.acme.defaults.email = "gendulf@posteo.de";
|
|
|
|
security.acme.certs."dryb.org" = {
|
|
domain = "dryb.org";
|
|
extraDomainNames = [ "*.dryb.org" ];
|
|
dnsProvider = "cloudflare";
|
|
dnsPropagationCheck = true;
|
|
credentialsFile = config.age.secrets.environments-acme.path;
|
|
};
|
|
|
|
users.users.nginx.extraGroups = [ "acme" ];
|
|
}
|