satellite/hosts/nixos/common/optional/services/acme.nix

{ config, ... }: {
  sops.secrets.cloudflare_dns_api_token.sopsFile = ../../secrets.yaml;

  sops.templates."acme.env".content = ''
    CF_DNS_API_TOKEN=${config.sops.placeholder.cloudflare_dns_api_token}
  '';

  security.acme.acceptTerms = true;
  security.acme.defaults = {
    email = "acme@moonythm.dev";
    dnsProvider = "cloudflare";
    environmentFile = config.sops.templates."acme.env".path;
  };

  environment.persistence."/persist/state".directories = [
    "/var/lib/acme"
  ];
}
Set up ddclient 2024-04-07 12:11:57 +02:00			`{ config, ... }: {`
Move to cloudflare dns 2024-05-09 03:33:22 +02:00			`sops.secrets.cloudflare_dns_api_token.sopsFile = ../../secrets.yaml;`
Set up ddclient 2024-04-07 12:11:57 +02:00
			`sops.templates."acme.env".content = ''`
Move to cloudflare dns 2024-05-09 03:33:22 +02:00			`CF_DNS_API_TOKEN=${config.sops.placeholder.cloudflare_dns_api_token}`
Set up ddclient 2024-04-07 12:11:57 +02:00			`'';`

			`security.acme.acceptTerms = true;`
			`security.acme.defaults = {`
			`email = "acme@moonythm.dev";`
Move to cloudflare dns 2024-05-09 03:33:22 +02:00			`dnsProvider = "cloudflare";`
Set up ddclient 2024-04-07 12:11:57 +02:00			`environmentFile = config.sops.templates."acme.env".path;`
			`};`

			`environment.persistence."/persist/state".directories = [`
			`"/var/lib/acme"`
			`];`
			`}`