mirror of
https://github.com/gensokyo-zone/infrastructure.git
synced 2026-02-09 20:39:18 -08:00
23 lines
729 B
Nix
23 lines
729 B
Nix
{ config, meta, lib, name, ... }: with lib;
|
|
let
|
|
home = meta.deploy.targets.home.tf;
|
|
in lib.mkIf (name != "home") {
|
|
acme = {
|
|
enable = true;
|
|
account = {
|
|
register = lib.mkDefault false;
|
|
emailAddress = "kat@inskip.me";
|
|
accountKeyPem = home.resources.acme_private_key.importAttr "private_key_pem";
|
|
};
|
|
challenge = {
|
|
defaultProvider = "rfc2136";
|
|
configs.rfc2136 = {
|
|
RFC2136_NAMESERVER = config.variables.katdns-address.ref;
|
|
RFC2136_TSIG_KEY = config.variables.katdns-name.ref;
|
|
RFC2136_TSIG_SECRET = config.variables.katdns-key.ref;
|
|
RFC2136_TSIG_ALGORITHM = "hmac-sha512";
|
|
};
|
|
};
|
|
};
|
|
|
|
}
|