grimm-nix-server/modules/letsencrypt.nix

16 lines
330 B
Nix

{ lib, config, inputs, pkgs, ... }:
let
root_host = "grimmauld.de";
root_email = "contact@${root_host}";
in {
security.acme = {
acceptTerms = true;
defaults.email = root_email;
certs."${root_host}" = {
webroot = "/var/lib/acme/acme-challenge/";
};
};
users.users.nginx.extraGroups = [ "acme" ];
}