acme@surtr: ...

2 files changed, 2 insertions, 7 deletions

diff --git a/hosts/surtr/dns/zones/org.rheperire.soa b/hosts/surtr/dns/zones/org.rheperire.soa
index f6903d4f..8d6528ca 100644
--- a/hosts/surtr/dns/zones/org.rheperire.soa
+++ b/hosts/surtr/dns/zones/org.rheperire.soa
@@ -1,7 +1,7 @@
 $ORIGIN rheperire.org.
 $TTL 3600
 @ IN SOA ns.yggdrasil.li. root.yggdrasil.li. (
-  2021053004 ; serial
+  2021053006 ; serial
   10800      ; refresh
   3600       ; retry
   604800     ; expire
@@ -21,8 +21,3 @@ $TTL 3600
 *                       IN      AAAA    2a03:4000:6:d004::
 *                       IN      MX      0 ymir.yggdrasil.li.
 *                       IN      TXT     "v=spf1 redirect=yggdrasil.li"
-
-_acme-challenge         IN      A       188.68.51.254
-_acme-challenge         IN      AAAA    2a03:4000:6:d004::
-_acme-challenge         IN      MX      0 ymir.yggdrasil.li.
-_acme-challenge      60 IN      TXT     "v=spf1 redirect=yggdrasil.li"
diff --git a/hosts/surtr/tls.nix b/hosts/surtr/tls.nix
index 73aaba07..cc868f45 100644
--- a/hosts/surtr/tls.nix
+++ b/hosts/surtr/tls.nix
@@ -4,7 +4,6 @@ let
   
   knotDNSCredentials = zone: pkgs.writeText "lego-credentials" ''
     EXEC_PATH=${knotDNSExec zone}/bin/update-dns.sh
-    EXEC_PROPAGATION_TIMEOUT=600
   '';
   knotDNSExec = zone: pkgs.writeScriptBin "update-dns.sh" ''
     #!${pkgs.zsh}/bin/zsh -xe
@@ -50,6 +49,7 @@ in {
           extraDomainNames = [ "*.rheperire.org" ];
           dnsProvider = "exec";
           credentialsFile = knotDNSCredentials "rheperire.org";
+          dnsPropagationCheck = false;
         };
       };
     };