acme: going to be a tad mroe selective

applications/acme.nix

@@ -1,4 +1,24 @@
-{ config, ... }:{
+{ pkgs, lib, ... }:
+  with lib;
+  let
+    cfg = config.services.skynet_acme;
+  in {
+
+  imports = [];
+
+  options.services.skynet_acme = {
+    enable = mkEnableOption "Skynet Lets Encrypt certs";
+
+    domains = lib.mkOption {
+      default = [ ];
+      type = lib.types.listOf lib.types.str;
+      description = ''
+        A list of domains to use for this server.
+      '';
+    };
+  };
+
+  config = {
     # group that will own the certificates
     users.groups.acme = {};
 
@@ -18,12 +38,8 @@
       certs = {
         "skynet" = {
           domain = "skynet.ie";
-        extraDomainNames = [
+          extraDomainNames = cfg.domains;
-          "*.skynet.ie"
+        };
-          "*.minecraft.games.skynet.ie"
-          "*.pages.skynet.ie"
-          "api.account.skynet.ie"
-        ];
       };
     };
   };