From 257211411c560859eb62ecbc3e8826eae42667ce Mon Sep 17 00:00:00 2001
From: ahuston-0 <aliceghuston@gmail.com>
Date: Fri, 14 Feb 2025 01:01:52 -0500
Subject: [PATCH] lego

---
 flake.nix                      |  4 ++++
 pkgs/lego-latest/default.nix   | 39 ++++++++++++++++++++++++++++++++++
 systems/palatine-hill/acme.nix | 13 ++++++++++++
 3 files changed, 56 insertions(+)
 create mode 100644 pkgs/lego-latest/default.nix

diff --git a/flake.nix b/flake.nix
index bec683c..761f8e6 100644
--- a/flake.nix
+++ b/flake.nix
@@ -151,6 +151,10 @@
         qcow = getImages nixosConfigurations "qcow";
       };
 
+      packages.x86_64-linux.lego-latest =
+        nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/lego-latest/default.nix
+          { };
+
       checks = import ./checks.nix { inherit inputs forEachSystem formatter; };
       devShells = import ./shell.nix { inherit inputs forEachSystem checks; };
 
diff --git a/pkgs/lego-latest/default.nix b/pkgs/lego-latest/default.nix
new file mode 100644
index 0000000..bca86e4
--- /dev/null
+++ b/pkgs/lego-latest/default.nix
@@ -0,0 +1,39 @@
+{
+  lib,
+  fetchFromGitHub,
+  buildGoModule,
+}:
+
+buildGoModule rec {
+  pname = "lego";
+  version = "4.21.0";
+
+  src = fetchFromGitHub {
+    owner = "go-acme";
+    repo = pname;
+    rev = "v${version}";
+    hash = "sha256-3dSvQfkBNh8Bt10nv4xGplv4iY3gWvDu2EDN6UovSdc=";
+  };
+
+  vendorHash = "sha256-teA6fnKl4ATePOYL/zuemyiVy9jgsxikqmuQJwwA8wE=";
+
+  doCheck = false;
+
+  subPackages = [ "cmd/lego" ];
+
+  ldflags = [
+    "-s"
+    "-w"
+    "-X main.version=${version}"
+  ];
+
+  meta = with lib; {
+    description = "Let's Encrypt client and ACME library written in Go";
+    license = licenses.mit;
+    homepage = "https://go-acme.github.io/lego/";
+    maintainers = teams.acme.members;
+    mainProgram = "lego";
+  };
+
+  #passthru.tests.lego = nixosTests.acme;
+}
diff --git a/systems/palatine-hill/acme.nix b/systems/palatine-hill/acme.nix
index 393f4eb..1180099 100644
--- a/systems/palatine-hill/acme.nix
+++ b/systems/palatine-hill/acme.nix
@@ -2,6 +2,7 @@
   config,
   lib,
   pkgs,
+  outputs,
   ...
 }:
 
@@ -22,6 +23,18 @@
     };
   };
 
+  systemd.services."acme-nayeonie.com.service".path = lib.mkForce (
+    with pkgs;
+    [
+      coreutils
+      diffutils
+      openssl
+    ]
+    ++ [
+      outputs.packages.x86_64-linux.lego-latest
+    ]
+  );
+
   sops.secrets = {
     "acme/bunny" = {
       owner = "root";
-- 
2.48.1