Updated services logic

2024-11-22 03:51:27 +00:00 · 2020-12-21 12:55:36 +02:00 · 2020-12-21 12:55:36 +02:00 · b2ccc9be90
parent 1e3176e777
commit b2ccc9be90
1 changed files with 38 additions and 47 deletions
--- a/85
+++ b/85
@ -138,42 +138,37 @@ EOF
 { pkgs, ... }:
 {
  users.groups.acmerecievers = {
-    members = [ "nginx" "dovecot2" "postfix" "virtualMail" "ocserv" ];
+    members = [ "nginx" "dovecot2" "postfix" "virtualMail" "bitwarden_rs" "nextcloud" "uwsgi" ];
  };
  security.acme = {
    acceptTerms = true;
    email = "$USER@$DOMAIN";
-    certs."$DOMAIN" = {
-      group = "acmerecievers";
-    };
-  };
-}
-EOF
-
-  mkdir -p /etc/nixos/letsencrypt
-  cat > /etc/nixos/letsencrypt/acme.nix << EOF
-{ pkgs, ... }:
-{
-  systemd = {
-    timers.certbot-renew = {
-      wantedBy = [ "timers.target" ];
-      partOf = [ "certbot-renew.service" ];
-      timerConfig.OnCalendar = "monthly";
-    };
-    services.certbot-renew = {
-      path = with pkgs; [
-        letsencrypt
-      ];
-      serviceConfig = {
-        Type = "oneshot";
-	ExecStart = "${pkgs.letsencrypt}/bin/certbot renew";
+    certs = {
+      "$DOMAIN" = {
+        group = "acmerecievers";
+      };
+      "git.$DOMAIN" = {
+        group = "acmerecievers";
+      };
+      "cloud.$DOMAIN" = {
+        group = "acmerecievers";
+      };
+      "password.$DOMAIN" = {
+        group = "acmerecievers";
+      };
+      "api.$DOMAIN" = {
+        group = "acmerecievers";
+      };
+      "meet.$DOMAIN" = {
+        group = "acmerecievers";
      };
    };
  };
 }
 EOF

-  cat > /etc/nixos/letsencrypt/acme.nix << EOF
+  mkdir -p /etc/nixos/letsencrypt
+  cat > /etc/nixos/letsencrypt/certbot.nix << EOF
 { pkgs, ... }:
 {
  systemd = {
@ -399,27 +394,23 @@ EOF
      httpAddress = "0.0.0.0";
      httpPort = 3000;
      cookieSecure = true;
-      extraConfig = ''
-[mailer]
-ENABLED = false
-
-[ui]
-DEFAULT_THEME = arc-green
-
-[ui.meta]
-AUTHOR = $NAME $SURNAME
-DESCRIPTION = $NAME's Personal Git Repository
-KEYWORDS = development
-
-[picture]
-DISABLE_GRAVATAR = true
-
-[admin]
-ENABLE_KANBAN_BOARD = true
-
-[repository]
-FORCE_PRIVATE = false
-'';
+      settings = {
+        mailer = {
+          ENABLED = false;
+	    };
+	    ui = {
+          DEFAULT_THEME = "arc-green";
+	    };
+	    picture = {
+          DISABLE_GRAVATAR = true;
+	    };
+	    admin = {
+          ENABLE_KANBAN_BOARD = true;
+	    };
+	    repository = {
+          FORCE_PRIVATE = false;
+	    };
+      };
    };
  };
 }