diff options
Diffstat (limited to 'profiles')
| -rw-r--r-- | profiles/acme.nix | 18 | ||||
| -rw-r--r-- | profiles/nas.nix | 2 |
2 files changed, 19 insertions, 1 deletions
diff --git a/profiles/acme.nix b/profiles/acme.nix new file mode 100644 index 0000000..7fc62d3 --- /dev/null +++ b/profiles/acme.nix @@ -0,0 +1,18 @@ +{ pkgs, lib, config, ... }: +let + secrets = config.age.secrets; +in +{ + security.acme.acceptTerms = true; + security.acme.defaults = { + email = "le@fcuny.net"; + dnsProvider = "gandiv5"; + group = config.services.nginx.group; + credentialsFile = secrets."gandi/apikey".path; + dnsPropagationCheck = true; + }; + security.acme.certs."${config.homelab.domain}" = { + domain = "*.${config.homelab.domain}"; + extraDomainNames = [ config.homelab.domain ]; + }; +} diff --git a/profiles/nas.nix b/profiles/nas.nix index d1033af..7dc92da 100644 --- a/profiles/nas.nix +++ b/profiles/nas.nix @@ -1,8 +1,8 @@ { config, pkgs, ... }: { imports = [ - ./server.nix ./btrfs.nix + ./server.nix ]; users.groups.nas.gid = 5000; |