2023-12-31 09:47:16 +00:00
|
|
|
{config, ...}: {
|
2022-01-14 16:44:25 +00:00
|
|
|
security.acme = {
|
|
|
|
acceptTerms = true;
|
2022-01-14 17:03:14 +00:00
|
|
|
defaults = {
|
|
|
|
email = "lotte@chir.rs";
|
|
|
|
dnsProvider = "rfc2136";
|
|
|
|
credentialsFile = "/run/secrets/security/acme/dns";
|
|
|
|
};
|
2022-01-14 16:44:25 +00:00
|
|
|
certs."darkkirb.de" = {
|
|
|
|
domain = "*.darkkirb.de";
|
2022-06-12 15:39:15 +00:00
|
|
|
extraDomainNames = ["darkkirb.de"];
|
2024-10-19 06:10:38 +00:00
|
|
|
dnsProvider = "gcloud";
|
|
|
|
credentialsFile = config.sops.secrets."security/acme/gcloud".path;
|
|
|
|
dnsResolver = "1.1.1.1:53";
|
2022-01-14 16:44:25 +00:00
|
|
|
};
|
|
|
|
certs."chir.rs" = {
|
|
|
|
domain = "*.chir.rs";
|
2022-06-12 15:39:15 +00:00
|
|
|
extraDomainNames = ["chir.rs"];
|
2022-01-14 16:44:25 +00:00
|
|
|
};
|
|
|
|
certs."int.chir.rs" = {
|
|
|
|
domain = "*.int.chir.rs";
|
|
|
|
};
|
2022-12-14 17:02:17 +00:00
|
|
|
certs."shitallover.me" = {
|
|
|
|
domain = "*.shitallover.me";
|
|
|
|
extraDomainNames = ["shitallover.me"];
|
2023-12-31 09:47:16 +00:00
|
|
|
dnsProvider = "gcloud";
|
|
|
|
credentialsFile = config.sops.secrets."security/acme/gcloud".path;
|
2023-12-31 10:34:20 +00:00
|
|
|
dnsResolver = "1.1.1.1:53";
|
2022-12-14 17:02:17 +00:00
|
|
|
};
|
2022-03-06 19:50:59 +00:00
|
|
|
certs."miifox.net" = {
|
|
|
|
dnsProvider = "cloudflare";
|
|
|
|
credentialsFile = "/run/secrets/security/acme/cloudflare";
|
|
|
|
dnsResolver = "1.1.1.1:53";
|
|
|
|
};
|
2022-01-14 16:44:25 +00:00
|
|
|
};
|
2022-06-12 15:39:15 +00:00
|
|
|
sops.secrets."security/acme/dns" = {};
|
|
|
|
sops.secrets."security/acme/cloudflare" = {};
|
2023-12-31 09:47:16 +00:00
|
|
|
sops.secrets."security/acme/gcloud" = {};
|
2023-12-31 10:07:22 +00:00
|
|
|
sops.secrets."security/acme/gcloud.json".owner = "acme";
|
2022-01-14 16:44:25 +00:00
|
|
|
}
|