{
  config,
  lib,
  pkgs,
  ...
}:

{
  security.acme = {
    acceptTerms = true;
    defaults.email = "aliceghuston@gmail.com";
    certs."nayeonie.com" = {
      dnsProvider = "bunny";
      environmentFile = config.sops.secrets."acme/bunny".path;
      dnsPropagationCheck = false;
      group = "haproxy";
      extraDomainNames = [
        # "*.nayeonie.com"
        # "alicehuston.xyz"
        # "*.alicehuston.xyz"
      ];
    };
  };
  security.acme.defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory";
  systemd.services."acme-nayeonie.com".serviceConfig = {
    Environment = [
      ''"PATH=/ZFS/ZFS-primary/backups/lego/dist:/nix/store/k48bha2fjqzarg52picsdfwlqx75aqbb-coreutils-9.5/bin:/nix/store/xrpvl6c1pyq7zazqnb41kgshmkr85da1-diffutils-3.10/bin:/nix/store/40yym8srkji787nrml52v4v160z41v65-openssl-3.3.2-bin/bin:/nix/store/k48bha2fjqzarg52picsdfwlqx75aqbb-coreutils-9.5/bin:/nix/store/lfhmpajzgfmgl8xrdvp2r9hdi2rf17wy-findutils-4.10.0/bin:/nix/store/14aswfz6pm8zvyyy927xzmi8x4rnvlc8-gnugrep-3.11/bin:/nix/store/gvivnz7rb2gz1vy7d9mdxgzj9didz7w2-gnused-4.9/bin:/nix/store/ivqjhj99firnjq7gp14qf35821viwi5m-systemd-256.7/bin:/nix/store/g6qc53kvmr6cws6lk1rzyx0dj4nhb7d8-lego-4.19.2/sbin:/nix/store/k48bha2fjqzarg52picsdfwlqx75aqbb-coreutils-9.5/sbin:/nix/store/xrpvl6c1pyq7zazqnb41kgshmkr85da1-diffutils-3.10/sbin:/nix/store/40yym8srkji787nrml52v4v160z41v65-openssl-3.3.2-bin/sbin:/nix/store/k48bha2fjqzarg52picsdfwlqx75aqbb-coreutils-9.5/sbin:/nix/store/lfhmpajzgfmgl8xrdvp2r9hdi2rf17wy-findutils-4.10.0/sbin:/nix/store/14aswfz6pm8zvyyy927xzmi8x4rnvlc8-gnugrep-3.11/sbin:/nix/store/gvivnz7rb2gz1vy7d9mdxgzj9didz7w2-gnused-4.9/sbin:/nix/store/ivqjhj99firnjq7gp14qf35821viwi5m-systemd-256.7/sbin""''
    ];
    # Environment = [ "LEGO_DISABLE_CNAME_SUPPORT=false" ];
  };

  sops.secrets = {
    "acme/bunny" = {
      owner = "root";
    };
  };
}