summaryrefslogtreecommitdiff
path: root/hosts/surtr/tls.nix
diff options
context:
space:
mode:
Diffstat (limited to 'hosts/surtr/tls.nix')
-rw-r--r--hosts/surtr/tls.nix6
1 files changed, 5 insertions, 1 deletions
diff --git a/hosts/surtr/tls.nix b/hosts/surtr/tls.nix
index 53fe1e5e..17de1319 100644
--- a/hosts/surtr/tls.nix
+++ b/hosts/surtr/tls.nix
@@ -60,6 +60,10 @@ let
60 type = types.nullOr types.str; 60 type = types.nullOr types.str;
61 default = null; 61 default = null;
62 }; 62 };
63 certCfg = mkOption {
64 type = types.attrs;
65 default = {};
66 };
63 }; 67 };
64 }; 68 };
65in { 69in {
@@ -93,7 +97,7 @@ in {
93 credentialsFile = knotDNSCredentials domain; 97 credentialsFile = knotDNSCredentials domain;
94 dnsResolver = "1.1.1.1:53"; 98 dnsResolver = "1.1.1.1:53";
95 keyType = "rsa4096"; # we don't like NIST curves 99 keyType = "rsa4096"; # we don't like NIST curves
96 }; 100 } // cfg.domains.${domain}.certCfg;
97 in genAttrs (attrNames cfg.domains) domainAttrset; 101 in genAttrs (attrNames cfg.domains) domainAttrset;
98 }; 102 };
99 103
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 11:49:16 +0000