summaryrefslogtreecommitdiff
path: root/hosts/surtr/tls.nix
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-01-31 17:52:33 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2022-01-31 17:52:33 +0100
commit0eacd61dfbda6aed732e0d196fd8fe3d97bdcf63 (patch)
treef9344e18bf0da6295dbe79fc85f5cdcfac6fbd1f /hosts/surtr/tls.nix
parent8a53478d3d43940736e936244d24bd47d5a3788c (diff)
downloadnixos-0eacd61dfbda6aed732e0d196fd8fe3d97bdcf63.tar
nixos-0eacd61dfbda6aed732e0d196fd8fe3d97bdcf63.tar.gz
nixos-0eacd61dfbda6aed732e0d196fd8fe3d97bdcf63.tar.bz2
nixos-0eacd61dfbda6aed732e0d196fd8fe3d97bdcf63.tar.xz
nixos-0eacd61dfbda6aed732e0d196fd8fe3d97bdcf63.zip
...
Diffstat (limited to 'hosts/surtr/tls.nix')
-rw-r--r--hosts/surtr/tls.nix6
1 files changed, 5 insertions, 1 deletions
diff --git a/hosts/surtr/tls.nix b/hosts/surtr/tls.nix
index 53fe1e5e..17de1319 100644
--- a/hosts/surtr/tls.nix
+++ b/hosts/surtr/tls.nix
@@ -60,6 +60,10 @@ let
60 type = types.nullOr types.str; 60 type = types.nullOr types.str;
61 default = null; 61 default = null;
62 }; 62 };
63 certCfg = mkOption {
64 type = types.attrs;
65 default = {};
66 };
63 }; 67 };
64 }; 68 };
65in { 69in {
@@ -93,7 +97,7 @@ in {
93 credentialsFile = knotDNSCredentials domain; 97 credentialsFile = knotDNSCredentials domain;
94 dnsResolver = "1.1.1.1:53"; 98 dnsResolver = "1.1.1.1:53";
95 keyType = "rsa4096"; # we don't like NIST curves 99 keyType = "rsa4096"; # we don't like NIST curves
96 }; 100 } // cfg.domains.${domain}.certCfg;
97 in genAttrs (attrNames cfg.domains) domainAttrset; 101 in genAttrs (attrNames cfg.domains) domainAttrset;
98 }; 102 };
99 103