diff options
-rw-r--r-- | ymir.nix | 15 |
1 files changed, 13 insertions, 2 deletions
@@ -806,11 +806,22 @@ in rec { | |||
806 | certs = { | 806 | certs = { |
807 | "yggdrasil.li" = { | 807 | "yggdrasil.li" = { |
808 | group = "ssl"; | 808 | group = "ssl"; |
809 | webroot = "/srv/www/acme"; | ||
810 | email = "phikeebaogobaegh@141.li"; | 809 | email = "phikeebaogobaegh@141.li"; |
810 | keyType = "rsa4096"; | ||
811 | dnsProvider = "rfc2136"; | ||
812 | credentialsFile = pkgs.writeText "rfc2136-credentials.env" '' | ||
813 | RFC2136_NAMESERVER=202.61.241.61:53 | ||
814 | RFC2136_TSIG_ALGORITHM=hmac-sha256. | ||
815 | RFC2136_TSIG_KEY=ymir_acme_key | ||
816 | RFC2136_TSIG_SECRET_FILE=/etc/acme_tsig_secret | ||
817 | RFC2136_TTL=0 | ||
818 | RFC2136_PROPAGATION_TIMEOUT=60 | ||
819 | RFC2136_POLLING_INTERVAL=2 | ||
820 | ''; | ||
821 | dnsResolver = "127.0.0.1"; | ||
811 | extraDomainNames = myDomains; | 822 | extraDomainNames = myDomains; |
812 | postRun = '' | 823 | postRun = '' |
813 | systemctl reload nginx.service dovecot2.service postfix.service ejabberd.service vsftpd.service infinoted.service | 824 | systemctl try-reload-or-restart nginx.service dovecot2.service postfix.service ejabberd.service vsftpd.service infinoted.service |
814 | ''; | 825 | ''; |
815 | }; | 826 | }; |
816 | }; | 827 | }; |