diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-05-30 16:29:31 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-05-30 16:29:31 +0200 |
commit | 014c45c7bd3d3dbc5ad08e33fd19b95c007ca6d9 (patch) | |
tree | 1f237460beab16493036f19ad12c4fc3b1f9598c /hosts/surtr/tls.nix | |
parent | 78e809328f5ca0f932d5878fdd9180557c0f6d1e (diff) | |
download | nixos-014c45c7bd3d3dbc5ad08e33fd19b95c007ca6d9.tar nixos-014c45c7bd3d3dbc5ad08e33fd19b95c007ca6d9.tar.gz nixos-014c45c7bd3d3dbc5ad08e33fd19b95c007ca6d9.tar.bz2 nixos-014c45c7bd3d3dbc5ad08e33fd19b95c007ca6d9.tar.xz nixos-014c45c7bd3d3dbc5ad08e33fd19b95c007ca6d9.zip |
acme@surtr: ...
Diffstat (limited to 'hosts/surtr/tls.nix')
-rw-r--r-- | hosts/surtr/tls.nix | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/hosts/surtr/tls.nix b/hosts/surtr/tls.nix index 17c49d1e..5b583235 100644 --- a/hosts/surtr/tls.nix +++ b/hosts/surtr/tls.nix | |||
@@ -1,5 +1,7 @@ | |||
1 | { pkgs, ... }: | 1 | { config, pkgs, ... }: |
2 | let | 2 | let |
3 | knotCfg = config.services.knot; | ||
4 | |||
3 | knotDNSCredentials = zone: pkgs.writeText "lego-credentials" '' | 5 | knotDNSCredentials = zone: pkgs.writeText "lego-credentials" '' |
4 | EXEC_PATH=${knotDNSExec zone}/bin/update-dns.sh | 6 | EXEC_PATH=${knotDNSExec zone}/bin/update-dns.sh |
5 | ''; | 7 | ''; |
@@ -12,21 +14,21 @@ let | |||
12 | 14 | ||
13 | owner=''${fqdn%"${zone}."} | 15 | owner=''${fqdn%"${zone}."} |
14 | 16 | ||
15 | knotc zone-begin "${zone}" | 17 | ${knotCfg.cliWrappers}/bin/knotc zone-begin "${zone}" |
16 | 18 | ||
17 | case "''${mode}" in | 19 | case "''${mode}" in |
18 | present) | 20 | present) |
19 | knotc zone-set ${zone} "''${owner}" 300 TXT "''${challenge}" | 21 | ${knotCfg.cliWrappers}/bin/knotc zone-set ${zone} "''${owner}" 300 TXT "''${challenge}" |
20 | ;; | 22 | ;; |
21 | cleanup) | 23 | cleanup) |
22 | knotc zone-unset ${zone} "''${owner}" TXT "''${challenge}" | 24 | ${knotCfg.cliWrappers}/bin/knotc zone-unset ${zone} "''${owner}" TXT "''${challenge}" |
23 | ;; | 25 | ;; |
24 | *) | 26 | *) |
25 | exit 2 | 27 | exit 2 |
26 | ;; | 28 | ;; |
27 | esac | 29 | esac |
28 | 30 | ||
29 | knotc zone-commit "${zone}" | 31 | ${knotCfg.cliWrappers}/bin/knotc zone-commit "${zone}" |
30 | ''; | 32 | ''; |
31 | in { | 33 | in { |
32 | config = { | 34 | config = { |