21 lines
619 B
Nix
21 lines
619 B
Nix
{ config, ... }: {
|
|
sops.secrets.porkbun_api_key.sopsFile = ../../secrets.yaml;
|
|
sops.secrets.porkbun_secret_api_key.sopsFile = ../../secrets.yaml;
|
|
|
|
sops.templates."acme.env".content = ''
|
|
PORKBUN_API_KEY=${config.sops.placeholder.porkbun_api_key}
|
|
PORKBUN_SECRET_API_KEY=${config.sops.placeholder.porkbun_secret_api_key}
|
|
'';
|
|
|
|
security.acme.acceptTerms = true;
|
|
security.acme.defaults = {
|
|
email = "acme@moonythm.dev";
|
|
dnsProvider = "porkbun";
|
|
environmentFile = config.sops.templates."acme.env".path;
|
|
};
|
|
|
|
environment.persistence."/persist/state".directories = [
|
|
"/var/lib/acme"
|
|
];
|
|
}
|