selfprivacy-nixos-config/letsencrypt/acme.nix

23 lines
557 B
Nix
Raw Normal View History

2021-11-15 10:02:05 +00:00
{ config, pkgs, ... }:
let
cfg = config.services.userdata;
in
{
users.groups.acmerecievers = {
members = [ "nginx" "dovecot2" "postfix" "virtualMail" "ocserv" ];
};
security.acme = {
acceptTerms = true;
email = "${cfg.username}@${cfg.domain}";
certs = lib.mkForce {
2021-11-15 10:02:05 +00:00
"${cfg.domain}" = {
domain = "*.${cfg.domain}";
extraDomainNames = [ "${cfg.domain}" ];
group = "acmerecievers";
dnsProvider = "cloudflare";
credentialsFile = "/var/lib/cloudflare/Credentials.ini";
2021-11-15 10:02:05 +00:00
};
};
};
}