35 lines
734 B
Nix
35 lines
734 B
Nix
|
{
|
||
|
# group that will own the certificates
|
||
|
users.groups.acme = {};
|
||
|
|
||
|
age.secrets.acme.file = ../secrets/dns_certs.secret.age;
|
||
|
|
||
|
security.acme = {
|
||
|
preliminarySelfsigned = false;
|
||
|
acceptTerms = true;
|
||
|
|
||
|
defaults = {
|
||
|
email = "admin_acme@skynet.ie";
|
||
|
dnsProvider = "rfc2136";
|
||
|
credentialsFile = "/run/agenix/acme";
|
||
|
|
||
|
# We don't need to wait for propagation since this is a local DNS server
|
||
|
dnsPropagationCheck = false;
|
||
|
};
|
||
|
|
||
|
certs = {
|
||
|
"skynet" = {
|
||
|
domain = "skynet.ie";
|
||
|
extraDomainNames = ["*.skynet.ie" ];
|
||
|
};
|
||
|
|
||
|
|
||
|
# temp basis
|
||
|
#"ulcompsoc.ie" = {
|
||
|
# domain = "ulcompsoc.ie";
|
||
|
# extraDomainNames = ["*.ulcompsoc.ie" ];
|
||
|
#};
|
||
|
};
|
||
|
};
|
||
|
}
|