Diffstat (limited to 'hosts')
-rw-r--r-- | hosts/surtr/tls.nix | 12 |
1 files changed, 7 insertions, 5 deletions
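--- a/hosts/surtr/tls.nix
+++ b/hosts/surtr/tls.nix
@@ -1,5 +1,7 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
 let
+knotCfg = config.services.knot;
+
 knotDNSCredentials = zone: pkgs.writeText "lego-credentials" ''
 EXEC_PATH=${knotDNSExec zone}/bin/update-dns.sh
 '';
@@ -12,21 +14,21 @@ let
 
 owner=''${fqdn%"${zone}."}
 
-knotc zone-begin "${zone}"
+${knotCfg.cliWrappers}/bin/knotc zone-begin "${zone}"
 
 case "''${mode}" in
 present)
-knotc zone-set ${zone} "''${owner}" 300 TXT "''${challenge}"
+${knotCfg.cliWrappers}/bin/knotc zone-set ${zone} "''${owner}" 300 TXT "''${challenge}"
 ;;
 cleanup)
-knotc zone-unset ${zone} "''${owner}" TXT "''${challenge}"
+${knotCfg.cliWrappers}/bin/knotc zone-unset ${zone} "''${owner}" TXT "''${challenge}"
 ;;
 *)
 exit 2
 ;;
 esac
 
-knotc zone-commit "${zone}"
+${knotCfg.cliWrappers}/bin/knotc zone-commit "${zone}"
 '';
 in {
 config = {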
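Review bot: The `*)` branch of the `case` runs `exit 2` after `knotc zone-begin` has already opened a transaction on the zone, so an unexpected mode leaves that transaction open in knotd and later updates to the zone (including the next DNS-01 challenge) can be refused until it is aborted. Either validate `mode` before `zone-begin`, or abort first by putting `${knotCfg.cliWrappers}/bin/knotc zone-abort "${zone}"` ahead of `exit 2`. The same concern applies if `zone-set` or `zone-unset` fails; the top of the script is outside this hunk, so whether `set -e` or a cleanup trap is in place cannot be seen from here. As a smaller style point, `${zone}` is quoted for `zone-begin` and `zone-commit` but not for `zone-set` and `zone-unset`; quoting it in all four calls keeps them uniform.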