nix-dotfiles/systems/palatine-hill/acme.nix

{
  config,
  lib,
  pkgs,
  outputs,
  ...
}:

{
  security.acme = {
    acceptTerms = true;
    defaults.email = "aliceghuston@gmail.com";
    certs."nayeonie.com" = {
      dnsProvider = "dnsimple";
      environmentFile = config.sops.secrets."acme/dnsimple".path;
      dnsPropagationCheck = false;
      group = "haproxy";
      extraDomainNames = [
        "*.nayeonie.com"
        # "alicehuston.xyz"
        # "*.alicehuston.xyz"
      ];
    };
  };

  systemd.services."acme-nayeonie.com.service".path = lib.mkForce (
    with pkgs;
    [
      coreutils
      diffutils
      openssl
    ]
    ++ [
      outputs.packages.x86_64-linux.lego-latest
    ]
  );

  sops.secrets = {
    "acme/dnsimple" = {
      owner = "root";
    };
  };
}
haproxy compat for acme, add go major mode to doom Signed-off-by: ahuston-0 <aliceghuston@gmail.com> 2024-12-01 00:56:29 -05:00			`{`
			`config,`
			`lib,`
			`pkgs,`
lego 2025-02-14 01:01:52 -05:00			`outputs,`
haproxy compat for acme, add go major mode to doom Signed-off-by: ahuston-0 <aliceghuston@gmail.com> 2024-12-01 00:56:29 -05:00			`...`
			`}:`

			`{`
			`security.acme = {`
			`acceptTerms = true;`
			`defaults.email = "aliceghuston@gmail.com";`
			`certs."nayeonie.com" = {`
migrate lego to dnsimple Signed-off-by: ahuston-0 <aliceghuston@gmail.com> 2025-02-27 00:05:20 -05:00			`dnsProvider = "dnsimple";`
			`environmentFile = config.sops.secrets."acme/dnsimple".path;`
haproxy compat for acme, add go major mode to doom Signed-off-by: ahuston-0 <aliceghuston@gmail.com> 2024-12-01 00:56:29 -05:00			`dnsPropagationCheck = false;`
			`group = "haproxy";`
			`extraDomainNames = [`
finalize nayeonie.com ACME Signed-off-by: ahuston-0 <aliceghuston@gmail.com> 2024-12-05 00:03:59 -05:00			`"*.nayeonie.com"`
haproxy compat for acme, add go major mode to doom Signed-off-by: ahuston-0 <aliceghuston@gmail.com> 2024-12-01 00:56:29 -05:00			`# "alicehuston.xyz"`
			`# "*.alicehuston.xyz"`
			`];`
			`};`
			`};`

lego 2025-02-14 01:01:52 -05:00			`systemd.services."acme-nayeonie.com.service".path = lib.mkForce (`
			`with pkgs;`
			`[`
			`coreutils`
			`diffutils`
			`openssl`
			`]`
			`++ [`
			`outputs.packages.x86_64-linux.lego-latest`
			`]`
			`);`

haproxy compat for acme, add go major mode to doom Signed-off-by: ahuston-0 <aliceghuston@gmail.com> 2024-12-01 00:56:29 -05:00			`sops.secrets = {`
migrate lego to dnsimple Signed-off-by: ahuston-0 <aliceghuston@gmail.com> 2025-02-27 00:05:20 -05:00			`"acme/dnsimple" = {`
haproxy compat for acme, add go major mode to doom Signed-off-by: ahuston-0 <aliceghuston@gmail.com> 2024-12-01 00:56:29 -05:00			`owner = "root";`
			`};`
			`};`
			`}`