1 files changed, 15 insertions, 12 deletions
diff --git a/hosts/surtr/tls.nix b/hosts/surtr/tls.nix
index 9581dd60..773d9379 100644
--- a/hosts/surtr/tls.nix
+++ b/hosts/surtr/tls.nix
@@ -1,4 +1,7 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
+with lib;
 let
  knotCfg = config.services.knot;
  
@@ -49,20 +52,20 @@ in {
      };
    security.acme = {
-      server = "https://acme-staging-v02.api.letsencrypt.org/directory";
-      
      acceptTerms = true;
      preliminarySelfsigned = false;
      email = "phikeebaogobaegh@141.li";
-      certs = {
+      certs =
-        "rheperire.org" = {
+        let
-          domain = "rheperire.org";
+          domains = ["dirty-haskell.org" "141.li" "xmpp.li" "yggdrasil.li" "praseodym.org" "rheperire.org" "kleen.li" "nights.email"];
-          extraDomainNames = [ "*.rheperire.org" ];
+          domainAttrset = domain: {
-          dnsProvider = "exec";
+            inherit domain;
-          credentialsFile = knotDNSCredentials "rheperire.org";
+            extraDomainNames = [ "*.${domain}" ];
-          dnsResolver = "1.1.1.1:53";
+            dnsProvider = "exec";
-        };
+            credentialsFile = knotDNSCredentials domain;
-      };
+            dnsResolver = "1.1.1.1:53";
+          };
+        in genAttrs domains domainAttrset;
    };
    users.groups."knot".members = [ "acme" ];

diff --git a/hosts/surtr/tls.nix b/hosts/surtr/tls.nix index 9581dd60..773d9379 100644 --- a/hosts/surtr/tls.nix +++ b/hosts/surtr/tls.nix
@@ -1,4 +1,7 @@
1	{ config, pkgs, ... }:	1	{ config, lib, pkgs, ... }:
		2
		3	with lib;
		4
2	let	5	let
3	knotCfg = config.services.knot;	6	knotCfg = config.services.knot;
4		7
@@ -49,20 +52,20 @@ in {
49	};	52	};
50		53
51	security.acme = {	54	security.acme = {
52	server = "https://acme-staging-v02.api.letsencrypt.org/directory";
53
54	acceptTerms = true;	55	acceptTerms = true;
55	preliminarySelfsigned = false;	56	preliminarySelfsigned = false;
56	email = "phikeebaogobaegh@141.li";	57	email = "phikeebaogobaegh@141.li";
57	certs = {	58	certs =
58	"rheperire.org" = {	59	let
59	domain = "rheperire.org";	60	domains = ["dirty-haskell.org" "141.li" "xmpp.li" "yggdrasil.li" "praseodym.org" "rheperire.org" "kleen.li" "nights.email"];
60	extraDomainNames = [ "*.rheperire.org" ];	61	domainAttrset = domain: {
61	dnsProvider = "exec";	62	inherit domain;
62	credentialsFile = knotDNSCredentials "rheperire.org";	63	extraDomainNames = [ "*.${domain}" ];
63	dnsResolver = "1.1.1.1:53";	64	dnsProvider = "exec";
64	};	65	credentialsFile = knotDNSCredentials domain;
65	};	66	dnsResolver = "1.1.1.1:53";
		67	};
		68	in genAttrs domains domainAttrset;
66	};	69	};
67		70
68	users.groups."knot".members = [ "acme" ];	71	users.groups."knot".members = [ "acme" ];