got dns challenge cert

author: Mike Vink <ivi@vinkies.net> 2024-01-09 01:24:44 +0100
committer: Mike Vink <ivi@vinkies.net> 2024-01-09 01:24:44 +0100
commit: 2b922d62443b28e199b2bfa49f214f4e9b167947 (patch)
tree: 9354df5ceb5526c297249500363f9c2d3e3dfaab /profiles
parent: 499b07a43dc82954002d5e4a0335ebeea9c9613e (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/profiles/homeserver/acme.nix b/profiles/homeserver/acme.nix
index a30e395..8b2a1e9 100644
--- a/profiles/homeserver/acme.nix
+++ b/profiles/homeserver/acme.nix
@@ -2,12 +2,14 @@
   security.acme = {
     acceptTerms = true;
     defaults = {
-      # NOTE(ivi): use dns wildcard certs for local services
-      domain = "*.vinkies.net";
       extraLegoRunFlags = ["--preferred-chain" "ISRG Root X1"];
       email = ivi.email;
       dnsProvider = "porkbun";
-      credentialsFile = config.secrets.porkbun.path;
+      environmentFile = config.secrets.porkbun.path;
+    };
+    certs."vinkies.net" = {
+      # NOTE(ivi): use dns wildcard certs for local services
+      domain = "*.vinkies.net";
     };
   };
 }
author	Mike Vink <ivi@vinkies.net>	2024-01-09 01:24:44 +0100
committer	Mike Vink <ivi@vinkies.net>	2024-01-09 01:24:44 +0100
commit	2b922d62443b28e199b2bfa49f214f4e9b167947 (patch)
tree	9354df5ceb5526c297249500363f9c2d3e3dfaab /profiles
parent	499b07a43dc82954002d5e4a0335ebeea9c9613e (diff)