diff options
Diffstat (limited to 'ymir.nix')
| -rw-r--r-- | ymir.nix | 15 |
1 files changed, 13 insertions, 2 deletions
| @@ -806,11 +806,22 @@ in rec { | |||
| 806 | certs = { | 806 | certs = { |
| 807 | "yggdrasil.li" = { | 807 | "yggdrasil.li" = { |
| 808 | group = "ssl"; | 808 | group = "ssl"; |
| 809 | webroot = "/srv/www/acme"; | ||
| 810 | email = "phikeebaogobaegh@141.li"; | 809 | email = "phikeebaogobaegh@141.li"; |
| 810 | keyType = "rsa4096"; | ||
| 811 | dnsProvider = "rfc2136"; | ||
| 812 | credentialsFile = pkgs.writeText "rfc2136-credentials.env" '' | ||
| 813 | RFC2136_NAMESERVER=202.61.241.61:53 | ||
| 814 | RFC2136_TSIG_ALGORITHM=hmac-sha256. | ||
| 815 | RFC2136_TSIG_KEY=ymir_acme_key | ||
| 816 | RFC2136_TSIG_SECRET_FILE=/etc/acme_tsig_secret | ||
| 817 | RFC2136_TTL=0 | ||
| 818 | RFC2136_PROPAGATION_TIMEOUT=60 | ||
| 819 | RFC2136_POLLING_INTERVAL=2 | ||
| 820 | ''; | ||
| 821 | dnsResolver = "127.0.0.1"; | ||
| 811 | extraDomainNames = myDomains; | 822 | extraDomainNames = myDomains; |
| 812 | postRun = '' | 823 | postRun = '' |
| 813 | systemctl reload nginx.service dovecot2.service postfix.service ejabberd.service vsftpd.service infinoted.service | 824 | systemctl try-reload-or-restart nginx.service dovecot2.service postfix.service ejabberd.service vsftpd.service infinoted.service |
| 814 | ''; | 825 | ''; |
| 815 | }; | 826 | }; |
| 816 | }; | 827 | }; |