From 0eacd61dfbda6aed732e0d196fd8fe3d97bdcf63 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Mon, 31 Jan 2022 17:52:33 +0100
Subject: ...

---
 hosts/surtr/tls.nix | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'hosts/surtr/tls.nix')

diff --git a/hosts/surtr/tls.nix b/hosts/surtr/tls.nix
index 53fe1e5e..17de1319 100644
--- a/hosts/surtr/tls.nix
+++ b/hosts/surtr/tls.nix
@@ -60,6 +60,10 @@ let
         type = types.nullOr types.str;
         default = null;
       };
+      certCfg = mkOption {
+        type = types.attrs;
+        default = {};
+      };
     };
   };
 in {
@@ -93,7 +97,7 @@ in {
             credentialsFile = knotDNSCredentials domain;
             dnsResolver = "1.1.1.1:53";
             keyType = "rsa4096"; # we don't like NIST curves
-          };
+          } // cfg.domains.${domain}.certCfg;
         in genAttrs (attrNames cfg.domains) domainAttrset;
     };
 
-- 
cgit v1.2.3