From aeeca9ce846db92ce000f5af6f7bb58ec18b70be Mon Sep 17 00:00:00 2001
From: Inex Code <inex.code@selfprivacy.org>
Date: Sat, 7 Sep 2024 00:14:20 +0300
Subject: [PATCH] fix: Split wildcard and root domains for ACME

---
 letsencrypt/acme.nix | 1 -
 webserver/nginx.nix  | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/letsencrypt/acme.nix b/letsencrypt/acme.nix
index 734769f..a0dacd4 100644
--- a/letsencrypt/acme.nix
+++ b/letsencrypt/acme.nix
@@ -33,7 +33,6 @@ in
     certs = {
       "${cfg.domain}" = {
         domain = "*.${cfg.domain}";
-        extraDomainNames = [ "${cfg.domain}" ];
         group = "acmereceivers";
         dnsProvider = lib.strings.toLower cfg.dns.provider;
         credentialsFile = acme-env-filepath;
diff --git a/webserver/nginx.nix b/webserver/nginx.nix
index 1857b56..6488a40 100644
--- a/webserver/nginx.nix
+++ b/webserver/nginx.nix
@@ -21,7 +21,7 @@ in
     '';
     virtualHosts = {
       "${domain}" = {
-        useACMEHost = domain;
+        enableACME = true;
         forceSSL = true;
         extraConfig = ''
           add_header Strict-Transport-Security $hsts_header;