nixos/hosts/sigma/acme.nix

35 lines
854 B
Nix
Raw Normal View History

{lib, ...}: {
2024-04-24 02:06:04 +02:00
security.acme.certs = {
"caspervk.net" = {
2024-05-31 10:33:45 +02:00
extraDomainNames = ["*.caspervk.net"];
2024-04-24 02:06:04 +02:00
reloadServices = [
"caddy.service"
2024-04-26 01:25:50 +02:00
"dovecot2.service"
"postfix.service"
2024-04-24 02:06:04 +02:00
];
# The NixOS Caddy module is a little too clever and sets the cert's group
# to 'caddy', which means other services can't load it. This is not needed
# since we handle the group membership manually.
group = lib.mkForce "acme";
};
"sudomail.org" = {
reloadServices = [
"caddy.service"
];
group = lib.mkForce "acme";
};
2024-05-31 11:42:39 +02:00
"vkristensen.dk" = {
extraDomainNames = ["*.vkristensen.dk"];
reloadServices = [
"caddy.service"
];
group = lib.mkForce "acme";
};
2024-04-16 01:49:39 +02:00
};
users.groups.acme.members = [
"caddy"
2024-04-26 01:25:50 +02:00
"dovecot2"
"postfix"
2024-04-16 01:49:39 +02:00
];
}