18 lines
508 B
Nix
18 lines
508 B
Nix
|
{ lib, config, inputs, pkgs, ... }:
|
||
|
let
|
||
|
root_host = "grimmauld.de";
|
||
|
|
||
|
# git add --intent-to-add email.txt ; git update-index --assume-unchanged email.txt
|
||
|
root_email = (builtins.elemAt (lib.strings.match "[[:space:]]*([^[:space:]]+)[[:space:]]*" (builtins.readFile ./email.txt)) 0);
|
||
|
in {
|
||
|
security.acme = {
|
||
|
acceptTerms = true;
|
||
|
defaults.email = root_email;
|
||
|
certs."${root_host}" = {
|
||
|
webroot = "/var/lib/acme/acme-challenge/";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
users.users.nginx.extraGroups = [ "acme" ];
|
||
|
}
|