42 lines
860 B
Nix
42 lines
860 B
Nix
{ config, lib, ... }:
|
|
let
|
|
cfg = config.custom.acmeHttpClient;
|
|
in
|
|
{
|
|
options = {
|
|
custom.acmeHttpClient.enable = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = false;
|
|
};
|
|
|
|
services.nginx.virtualHosts = lib.mkOption {
|
|
type = lib.types.attrsOf (
|
|
lib.types.submodule {
|
|
config = lib.mkIf cfg.enable (
|
|
lib.mkDefault {
|
|
enableACME = true;
|
|
}
|
|
);
|
|
}
|
|
);
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
environment.persistence."/persist".directories = [
|
|
{
|
|
directory = "/var/lib/acme";
|
|
user = "acme";
|
|
group = "acme";
|
|
mode = "u=rwx,g=rx,o=rx";
|
|
}
|
|
];
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 ];
|
|
|
|
security.acme = {
|
|
acceptTerms = true;
|
|
defaults.email = "vili.m.sinerva@gmail.com";
|
|
};
|
|
};
|
|
}
|