grimm-nixos-laptop/modules/letsencrypt.nix
2024-05-08 21:50:08 +02:00

23 lines
342 B
Nix

{
lib,
config,
inputs,
pkgs,
...
}:
let
inherit (config.networking) domain;
root_email = "contact@${domain}";
in
{
security.acme = {
acceptTerms = true;
defaults.email = root_email;
certs."${domain}" = {
webroot = "/var/lib/acme/acme-challenge/";
};
};
users.users.nginx.extraGroups = [ "acme" ];
}