2023-12-28 15:32:47 +01:00
|
|
|
{ lib, config, inputs, pkgs, ... }:
|
|
|
|
|
let
|
2024-05-08 20:45:41 +02:00
|
|
|
inherit (config.networking) domain;
|
|
|
|
|
root_email = "contact@${domain}";
|
2023-12-28 15:32:47 +01:00
|
|
|
in {
|
|
|
|
|
security.acme = {
|
|
|
|
|
acceptTerms = true;
|
|
|
|
|
defaults.email = root_email;
|
2024-05-08 20:45:41 +02:00
|
|
|
certs."${domain}" = {
|
2023-12-28 15:32:47 +01:00
|
|
|
webroot = "/var/lib/acme/acme-challenge/";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
users.users.nginx.extraGroups = [ "acme" ];
|
|
|
|
|
}
|
