SelfPrivacy/selfprivacy-nixos-config
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git synced 2024-11-23 03:51:29 +00:00
Code Issues Projects Releases Wiki Activity

ACME: do not disable DNS propagation check

Browse source
This commit is contained in:
Alexander Tomokhov 2023-12-20 17:38:35 +04:00
parent dcaf96c773
commit fd6e49a21a
1 changed files with 0 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
letsencrypt/acme.nix
View file

@ -13,7 +13,6 @@ let
dnsCredentialsTemplate = dnsCredentialsTemplates.${cfg.dns.provider}; dnsCredentialsTemplate = dnsCredentialsTemplates.${cfg.dns.provider};
acme-env-filepath = "/var/lib/selfprivacy/acme-env"; acme-env-filepath = "/var/lib/selfprivacy/acme-env";
secrets-filepath = "/etc/selfprivacy/secrets.json"; secrets-filepath = "/etc/selfprivacy/secrets.json";
dnsPropagationCheckExceptions = [ "DIGITALOCEAN" ];
in in
{ {
users.groups.acmereceivers.members = [ "nginx" ]; users.groups.acmereceivers.members = [ "nginx" ];
@ -22,8 +21,6 @@ in
defaults = { defaults = {
email = "${cfg.username}@${cfg.domain}"; email = "${cfg.username}@${cfg.domain}";
server = if cfg.dns.useStagingACME then "https://acme-staging-v02.api.letsencrypt.org/directory" else "https://acme-v02.api.letsencrypt.org/directory"; server = if cfg.dns.useStagingACME then "https://acme-staging-v02.api.letsencrypt.org/directory" else "https://acme-v02.api.letsencrypt.org/directory";
dnsPropagationCheck =
! (lib.elem cfg.dns.provider dnsPropagationCheckExceptions);
reloadServices = [ "nginx" ]; reloadServices = [ "nginx" ];
}; };
certs = { certs = {