nixos/applications/acme.nix

{ config, ... }:{
  # group that will own the certificates
  users.groups.acme = {};

  age.secrets.acme.file = ../secrets/dns_certs.secret.age;

  security.acme = {
    preliminarySelfsigned = false;
    acceptTerms = true;

    defaults = {
      email = "admin_acme@skynet.ie";
      # we use our own dns authorative server for verifying we own the domain.
      dnsProvider = "rfc2136";
      credentialsFile = config.age.secrets.acme.path;
    };

    certs = {
      "skynet" = {
        domain = "skynet.ie";
        extraDomainNames = [
          "*.skynet.ie"
          "*.minecraft.games.skynet.ie"
          "*.pages.skynet.ie"
        ];
      };
    };
  };
}
fix: formatting and tidying up 2023-06-15 20:38:42 +00:00			`{ config, ... }:{`
acme: frontend with acme itself 2023-04-20 18:03:11 +00:00			`# group that will own the certificates`
			`users.groups.acme = {};`

			`age.secrets.acme.file = ../secrets/dns_certs.secret.age;`

			`security.acme = {`
			`preliminarySelfsigned = false;`
			`acceptTerms = true;`

			`defaults = {`
			`email = "admin_acme@skynet.ie";`
fix: formatting and tidying up 2023-06-15 20:38:42 +00:00			`# we use our own dns authorative server for verifying we own the domain.`
acme: frontend with acme itself 2023-04-20 18:03:11 +00:00			`dnsProvider = "rfc2136";`
fix: formatting and tidying up 2023-06-15 20:38:42 +00:00			`credentialsFile = config.age.secrets.acme.path;`
acme: frontend with acme itself 2023-04-20 18:03:11 +00:00			`};`

			`certs = {`
			`"skynet" = {`
			`domain = "skynet.ie";`
minecraft: got the classic server and maps up and running 2023-04-27 00:47:17 +00:00			`extraDomainNames = [`
			`"*.skynet.ie"`
			`"*.minecraft.games.skynet.ie"`
feat: added gitlab pages 2023-06-17 21:51:13 +00:00			`"*.pages.skynet.ie"`
minecraft: got the classic server and maps up and running 2023-04-27 00:47:17 +00:00			`];`
acme: frontend with acme itself 2023-04-20 18:03:11 +00:00			`};`
			`};`
			`};`
			`}`