summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--profiles/homeserver/acme.nix8
-rw-r--r--secrets/porkbun8
2 files changed, 9 insertions, 7 deletions
diff --git a/profiles/homeserver/acme.nix b/profiles/homeserver/acme.nix
index a30e395..8b2a1e9 100644
--- a/profiles/homeserver/acme.nix
+++ b/profiles/homeserver/acme.nix
@@ -2,12 +2,14 @@
security.acme = {
acceptTerms = true;
defaults = {
- # NOTE(ivi): use dns wildcard certs for local services
- domain = "*.vinkies.net";
extraLegoRunFlags = ["--preferred-chain" "ISRG Root X1"];
email = ivi.email;
dnsProvider = "porkbun";
- credentialsFile = config.secrets.porkbun.path;
+ environmentFile = config.secrets.porkbun.path;
+ };
+ certs."vinkies.net" = {
+ # NOTE(ivi): use dns wildcard certs for local services
+ domain = "*.vinkies.net";
};
};
}
diff --git a/secrets/porkbun b/secrets/porkbun
index 3899c17..552523c 100644
--- a/secrets/porkbun
+++ b/secrets/porkbun
@@ -1,5 +1,5 @@
{
- "data": "ENC[AES256_GCM,data:p2Xf9Pnmpus9cL4+lZmLtSQCDROwE+xpqAPx29eWqfgMRGTJGREbF3fqBO76CV1KU/KmY0UxazMGBf2ErkMuCbx49sNskOD2PHFpakG6B31Qn9akIvGOk6rJZuQMtOjtcKsOg4nK8eVy182eCpuSOt91dJUy3XgpxieNhUDSc+SjXfn5vpoJic3SHKK6ZxXFagXxId2FenGYUlCWzwywXCiL4CEJjzHYJnhO3GC7VAYg,iv:K0NdPIGJFaO7Gq2K80tjAUfnp9+KmOCefmVG85nnPgY=,tag:+gPX3MfK4bDdGyhQ6N3Vog==,type:str]",
+ "data": "ENC[AES256_GCM,data:FTPzhFADwDaHzKpJ5fqMkRwkvFMPLm4aGWAGVzcqsNJv9bPeKK/WTSbthAW8XDZ6XeIc+W43R2S85ewcuPKDTlUlrHK7h6qJhyKpmDTn7nc3YkTImjKxCTqifVKYJBrCqTj3GqzL613gLzQgWxypwzBI3WM5xEKb6Jls7OqezPMIrfWOPI9EzBBoOfyonAUrJjTunl9rL1qu+rsoAJ56OhYPTzLpYzaOYv04xKR3+GGS,iv:D0eRsFsDWPnqzh1yOu/iGF1noAYT7KpccYnmuJN2pEU=,tag:jX5N/BsrPPw2GyjOTPuHmw==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
@@ -19,10 +19,10 @@
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYaHlEK2xLTjd3T2thdHU0\nT2JXQnhnMDRkQXlpODkvRnZGbGFsVC9RK2tZCnc4cGd3V0FKNEFwd0NIWEFvdmVn\nM2ozckMxd0tRUld6UFdqNkZVOXc1eWcKLS0tIHFyUlllbU9yV3JSVTl2VG9HUkxG\ncmJKQndaNkxWenFuaEpqRERTa0xUWEEKHuE6nfwKRS7gsbf8IuISXrWanrLTvE82\nnnwDIA4kgt+2sFbgygYhTO+duvMSVkGflc7SjZMNiIm6gklC1A5yPg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
- "lastmodified": "2023-10-17T23:45:30Z",
- "mac": "ENC[AES256_GCM,data:MtQ/ILhaNPFkxeEa/3hJV7sZ3S2qRVsYRcrvpvVyQzeBKHaG4Z61qQBlqkdUy1VWVc6te+B8eeMS5oexsP1ztGHsary715U5xUmHW1jiz8mITGfq5KOi91Xh54+v08mAexVZeEzZFxGpqkgyPY/UjFOnmeALGsEZLi0NL923/TQ=,iv:EzHS6yu3bjHNKSyOXqyeXDsQeOPUxpkORrTVVp5uQkg=,tag:gX+mf4S0QWUMkVBfU1R1zg==,type:str]",
+ "lastmodified": "2024-01-09T00:22:54Z",
+ "mac": "ENC[AES256_GCM,data:B+Bsoq+VahzcZM/0s7OGGNql3+b+8JT2fvPaps9f8sNQO/Vs8rsR20xIhlqFP0XCE9mkt5CQLz8A7z5hhMYW2cE+hNJdAAToEcFLgx3q9y3YAuGZc2fsb3dPL1revEHPdZg46wqi2bQomIhXUMBEZED5yEnzNto5MmoqZV3D6Yw=,iv:VHrU2KrTsV+8xH9RiQZqf8ynZTvnRZylLIvi/YTnUJU=,tag:N0MVEe/n3s/YPIQHNaetuw==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
- "version": "3.8.0"
+ "version": "3.8.1"
}
} \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-12 13:32:17 +0000