23 lines
491 B
Nix
23 lines
491 B
Nix
{ config, lib, ... }:
|
|
|
|
{
|
|
# default acme settings
|
|
security.acme = {
|
|
acceptTerms = true;
|
|
|
|
defaults.email = "fricloudacme.cameo530@simplelogin.com";
|
|
};
|
|
|
|
# give Nginx access to our certs
|
|
services.nginx.group = config.security.acme.defaults.group;
|
|
|
|
# acme user
|
|
users.groups."${config.security.acme.defaults.group}".members = [];
|
|
|
|
# state
|
|
environment.persistence = lib.optionalAttrs config.mine.state.enable {
|
|
root.directories = [
|
|
"/var/lib/acme"
|
|
];
|
|
};
|
|
}
|