oluceps committed Oct 14, 2024
1 parent d85fc94 commit f9d0bcc
Showing 2 changed files with 29 additions and 32 deletions.
52 changes: 26 additions & 26 deletions hosts/hastur/caddy.nix
Expand Up @@ -146,35 +146,35 @@
};
};
tls = {
automation.policies = [
{
subjects = [
"*.nyaw.xyz"
"nyaw.xyz"
];
issuers = [
{
module = "acme";
challenges = {
dns = {
provider = {
name = "porkbun";
api_key = "{env.PORKBUN_API_KEY}";
api_secret_key = "{env.PORKBUN_API_SECRET_KEY}";
};
};
};
}
];
}
];
# certificates.load_files = [
# automation.policies = [
# {
# certificate = "/run/credentials/caddy.service/nyaw.cert";
# key = "/run/credentials/caddy.service/nyaw.key";
# tags = [ "cert0" ];
# subjects = [
# "*.nyaw.xyz"
# "nyaw.xyz"
# ];
# issuers = [
# {
# module = "acme";
# challenges = {
# dns = {
# provider = {
# name = "porkbun";
# api_key = "{env.PORKBUN_API_KEY}";
# api_secret_key = "{env.PORKBUN_API_SECRET_KEY}";
# };
# };
# };
# }
# ];
# }
# ];
certificates.load_files = [
{
certificate = "/run/credentials/caddy.service/nyaw.cert";
key = "/run/credentials/caddy.service/nyaw.key";
tags = [ "cert0" ];
}
];
};
};
};
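Review bot: The `certificates.load_files` entry at the end of the `tls` block reads `/run/credentials/caddy.service/nyaw.cert` and `nyaw.key`, while the same commit removes the `LoadCredential` of exactly those two names in repack/reuse-cert.nix; if caddy.service is one of the units in `nameCondPair` (not visible here), those paths would no longer exist and the certificate would fail to load. This reading assumes the uncommented `load_files` block is the added side, since the page lost its +/- markers. With static files Caddy does not renew anything itself, so I would add a comment such as `# cert0 is provisioned outside Caddy; reload caddy after the files are rotated`. The commented-out ACME policy is better deleted than kept, since git history already holds it.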
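--- a/repack/reuse-cert.nix
+++ b/repack/reuse-cert.nix
@@ -26,12 +26,9 @@ reIf (
 acc
 // {
 ${i.name} = {
-serviceConfig.LoadCredential = lib.mkIf i.cond (
-(map (lib.genCredPath config)) [
-"nyaw.cert"
-"nyaw.key"
-]
-);
+serviceConfig.BindReadOnlyPaths = lib.mkIf i.cond [
+"-/var/lib/caddy/certificates/acme-v02.api.letsencrypt.org-directory/"
+];
 };
 }
 ) { } nameCondPair)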
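Review bot: The new `BindReadOnlyPaths` entry exposes Caddy's whole Let's Encrypt storage directory, which normally holds the private key of every certificate issued under it, to each unit in `nameCondPair`, where the removed `LoadCredential` handed over only `nyaw.cert` and `nyaw.key`. Narrowing the bind to the one certificate subdirectory a unit needs would keep the old least-privilege shape. A bind mount also keeps the source's owner and mode, so a unit that does not run as the Caddy user may be unable to read the key, and the leading `-` lets it start anyway when the directory is absent; a comment like `# "-": ignore if caddy has not issued a cert yet; files stay owned by caddy` would make that explicit. The enclosing `reIf (...)` expression starts and ends outside the hunk.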
