SelfPrivacy/selfprivacy-nixos-config
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git synced 2024-11-25 20:41:27 +00:00
Code Issues Projects Releases Wiki Activity

fix(acme): add dns propagation check exceptions

Browse source
This commit is contained in:
Inex Code 2023-07-28 03:00:17 +03:00
parent 8b68457c71
commit 17cadf4ffc
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
letsencrypt/acme.nix
View file

@ -1,6 +1,7 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let
cfg = config.services.userdata; cfg = config.services.userdata;
dnsPropagationCheckExceptions = [ "DIGITALOCEAN" ];
in in
{ {
users.groups.acmerecievers = { users.groups.acmerecievers = {
@ -11,7 +12,7 @@ in
defaults = { defaults = {
email = "${cfg.username}@${cfg.domain}"; email = "${cfg.username}@${cfg.domain}";
server = if cfg.dns.useStagingACME then "https://acme-staging-v02.api.letsencrypt.org/directory" else "https://acme-v02.api.letsencrypt.org/directory"; server = if cfg.dns.useStagingACME then "https://acme-staging-v02.api.letsencrypt.org/directory" else "https://acme-v02.api.letsencrypt.org/directory";
dnsPropagationCheck = true; dnsPropagationCheck = if lib.elem cfg.dns.provider dnsPropagationCheckExceptions then false else true;
reloadServices = [ "nginx" ]; reloadServices = [ "nginx" ];
}; };
certs = lib.mkForce { certs = lib.mkForce {