summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ymir.nix15
1 files changed, 13 insertions, 2 deletions
diff --git a/ymir.nix b/ymir.nix
index 8f01ad6b..b1ba6033 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -806,11 +806,22 @@ in rec {
806 certs = { 806 certs = {
807 "yggdrasil.li" = { 807 "yggdrasil.li" = {
808 group = "ssl"; 808 group = "ssl";
809 webroot = "/srv/www/acme";
810 email = "phikeebaogobaegh@141.li"; 809 email = "phikeebaogobaegh@141.li";
810 keyType = "rsa4096";
811 dnsProvider = "rfc2136";
812 credentialsFile = pkgs.writeText "rfc2136-credentials.env" ''
813 RFC2136_NAMESERVER=202.61.241.61:53
814 RFC2136_TSIG_ALGORITHM=hmac-sha256.
815 RFC2136_TSIG_KEY=ymir_acme_key
816 RFC2136_TSIG_SECRET_FILE=/etc/acme_tsig_secret
817 RFC2136_TTL=0
818 RFC2136_PROPAGATION_TIMEOUT=60
819 RFC2136_POLLING_INTERVAL=2
820 '';
821 dnsResolver = "127.0.0.1";
811 extraDomainNames = myDomains; 822 extraDomainNames = myDomains;
812 postRun = '' 823 postRun = ''
813 systemctl reload nginx.service dovecot2.service postfix.service ejabberd.service vsftpd.service infinoted.service 824 systemctl try-reload-or-restart nginx.service dovecot2.service postfix.service ejabberd.service vsftpd.service infinoted.service
814 ''; 825 '';
815 }; 826 };
816 }; 827 };