{ # group that will own the certificates users.groups.acme = {}; age.secrets.acme.file = ../secrets/dns_certs.secret.age; security.acme = { preliminarySelfsigned = false; acceptTerms = true; defaults = { email = "admin_acme@skynet.ie"; dnsProvider = "rfc2136"; credentialsFile = "/run/agenix/acme"; # We don't need to wait for propagation since this is a local DNS server dnsPropagationCheck = true; }; certs = { "skynet" = { domain = "skynet.ie"; extraDomainNames = [ "*.skynet.ie" "*.minecraft.games.skynet.ie" ]; }; # temp basis #"ulcompsoc.ie" = { # domain = "ulcompsoc.ie"; # extraDomainNames = ["*.ulcompsoc.ie" ]; #}; }; }; }