diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-22 17:12:59 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-22 17:12:59 +0100 |
commit | 61a809078058b09a4e39c2e941056b91323555c0 (patch) | |
tree | 3e3a02a13c0f1a03f67d464c3be9c4fd05fa8ef1 | |
parent | b18dfcc3020fb80c4680de980adc1f719bb371ac (diff) | |
download | nixos-61a809078058b09a4e39c2e941056b91323555c0.tar nixos-61a809078058b09a4e39c2e941056b91323555c0.tar.gz nixos-61a809078058b09a4e39c2e941056b91323555c0.tar.bz2 nixos-61a809078058b09a4e39c2e941056b91323555c0.tar.xz nixos-61a809078058b09a4e39c2e941056b91323555c0.zip |
ymir: rfc2136
-rw-r--r-- | ymir.nix | 15 |
1 files changed, 13 insertions, 2 deletions
@@ -806,11 +806,22 @@ in rec { | |||
806 | certs = { | 806 | certs = { |
807 | "yggdrasil.li" = { | 807 | "yggdrasil.li" = { |
808 | group = "ssl"; | 808 | group = "ssl"; |
809 | webroot = "/srv/www/acme"; | ||
810 | email = "phikeebaogobaegh@141.li"; | 809 | email = "phikeebaogobaegh@141.li"; |
810 | keyType = "rsa4096"; | ||
811 | dnsProvider = "rfc2136"; | ||
812 | credentialsFile = pkgs.writeText "rfc2136-credentials.env" '' | ||
813 | RFC2136_NAMESERVER=202.61.241.61:53 | ||
814 | RFC2136_TSIG_ALGORITHM=hmac-sha256. | ||
815 | RFC2136_TSIG_KEY=ymir_acme_key | ||
816 | RFC2136_TSIG_SECRET_FILE=/etc/acme_tsig_secret | ||
817 | RFC2136_TTL=0 | ||
818 | RFC2136_PROPAGATION_TIMEOUT=60 | ||
819 | RFC2136_POLLING_INTERVAL=2 | ||
820 | ''; | ||
821 | dnsResolver = "127.0.0.1"; | ||
811 | extraDomainNames = myDomains; | 822 | extraDomainNames = myDomains; |
812 | postRun = '' | 823 | postRun = '' |
813 | systemctl reload nginx.service dovecot2.service postfix.service ejabberd.service vsftpd.service infinoted.service | 824 | systemctl try-reload-or-restart nginx.service dovecot2.service postfix.service ejabberd.service vsftpd.service infinoted.service |
814 | ''; | 825 | ''; |
815 | }; | 826 | }; |
816 | }; | 827 | }; |