fix(acme): add dns propagation check exceptions

2025-01-08 00:51:23 +00:00 · 2023-07-28 03:00:17 +03:00 · 2023-07-28 03:00:17 +03:00 · 312077240a
parent 69f84cdc2b
commit 312077240a
1 changed files with 3 additions and 1 deletions
--- a/letsencrypt/acme.nix
+++ b/letsencrypt/acme.nix
@ -13,6 +13,7 @@ let
  dnsCredentialsTemplate = dnsCredentialsTemplates.${cfg.dns.provider};
  acme-env-filepath = "/var/lib/selfprivacy/acme-env";
  secrets-filepath = "/etc/selfprivacy/secrets.json";
+  dnsPropagationCheckExceptions = [ "DIGITALOCEAN" ];
 in
 {
  users.groups.acmereceivers.members = [ "nginx" ];
@ -21,7 +22,8 @@ in
    defaults = {
      email = "${cfg.username}@${cfg.domain}";
      server = if cfg.dns.useStagingACME then "https://acme-staging-v02.api.letsencrypt.org/directory" else "https://acme-v02.api.letsencrypt.org/directory";
-      dnsPropagationCheck = false;
+      dnsPropagationCheck =
+        ! (lib.elem cfg.dns.provider dnsPropagationCheckExceptions);
      reloadServices = [ "nginx" ];
    };
    certs = lib.mkForce {