sail: wip acme
This commit is contained in:
parent
ea0338519d
commit
fa9530f333
SSH key fingerprint:
SHA256:Ks/MyhQYcPRQiwMKLAKquWCdCPe3JXlb1WttgnAoSeM
6 changed files with 45 additions and 2 deletions
14
agenix/hosts/sail/acme/credentials.age
Normal file
14
agenix/hosts/sail/acme/credentials.age
Normal file
|
|
@ -0,0 +1,14 @@
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE10R3A2ZyBDa08x
|
||||||
|
ZG5Vb2tJQVBubUladFk2T0wzSll2QW1TbG5wRWw4emZmUmpITkZNCjRkeTRPZnUy
|
||||||
|
TjZ4VUZlTnRGdUxxdW8xQ29pempXdHVoRnpzUEJ5b0M4MEkKLT4gc3NoLWVkMjU1
|
||||||
|
MTkgTmJWNGh3IEJVOWtXRFNzdEk3NkhocWtyb3JYekJ6MEFNN2dDM2N4cXlaL1Rr
|
||||||
|
YkdFRjgKM2VNTFNQTWdqbE9VanJVL3FmeWQ4c0ZuOThaVWlRdDlnTmFMeEJYU0lG
|
||||||
|
OAotPiBEQTZTa0d+PC1ncmVhc2UgMSB7a3QvKUxTOCBJM344Vj5ZCndISGdYVTI4
|
||||||
|
ZG5ja3FNUTlYeTlEczBiSXdySVNHVEo1SElvdHZ1ZnZ0eWhCZmlKclo3VWpJSlox
|
||||||
|
b0ZtSkk1VXYKMDF3cTFGNXVwMnd1Zm1pVnptY3VjRExHT2t1RklwQlEycEN4T1Jj
|
||||||
|
U25zdlNTYmcKLS0tIFZUcGZrTUtTT3djZ3d0VU05aDdFcDk1Tm9KN3NTMnl3alh3
|
||||||
|
QWlLN3BaNWMKFSyXplcynqnH04rkNdl+7Deq0sUTr32SvZJsYTWaqGK2x6BT3tYY
|
||||||
|
C9qbNY7N0kG8XAtWFUvIdlhOTQPgouiyBc94OtUioJgqx/j8+85REXqjiio1Emkj
|
||||||
|
7EPYwRgeatQl4CA=
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
|
@ -1,5 +1,11 @@
|
||||||
{
|
{
|
||||||
age.secrets = {
|
age.secrets = {
|
||||||
|
acme-credentials = {
|
||||||
|
file = ./acme/credentials.age;
|
||||||
|
owner = "acme";
|
||||||
|
group = "acme";
|
||||||
|
};
|
||||||
|
|
||||||
cloudflared-environment = {
|
cloudflared-environment = {
|
||||||
file = ./cloudflared/environment.age;
|
file = ./cloudflared/environment.age;
|
||||||
owner = "cloudflared";
|
owner = "cloudflared";
|
||||||
|
|
|
||||||
|
|
@ -116,8 +116,8 @@ rec {
|
||||||
src = pkgs.fetchFromGitHub {
|
src = pkgs.fetchFromGitHub {
|
||||||
owner = "nvim-treesitter";
|
owner = "nvim-treesitter";
|
||||||
repo = "nvim-treesitter";
|
repo = "nvim-treesitter";
|
||||||
rev = "3731cf1c0c70287568d26f190849c68a46c21297";
|
rev = "d11dd552dbde181cd49652188521f4b5f6cad2f8";
|
||||||
sha256 = "0n44iknqkaghy68gvdg5a3gvx9pplvnnxka427x69b8r6v3xgjzz";
|
sha256 = "12a5zrflzrlgmagiyp82s5c2x551v9vsypvmb0c04qbya4y1vaiz";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
|
|
|
||||||
|
|
@ -7,6 +7,8 @@ let
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
# sail
|
# sail
|
||||||
|
"agenix/hosts/sail/acme/credentials.age".publicKeys = sail;
|
||||||
|
|
||||||
"agenix/hosts/sail/cloudflared/environment.age".publicKeys = sail;
|
"agenix/hosts/sail/cloudflared/environment.age".publicKeys = sail;
|
||||||
|
|
||||||
"agenix/hosts/sail/mastodon/databasePassword.age".publicKeys = sail;
|
"agenix/hosts/sail/mastodon/databasePassword.age".publicKeys = sail;
|
||||||
|
|
|
||||||
|
|
@ -16,6 +16,8 @@ in
|
||||||
|
|
||||||
../nixos/cloudflared.nix
|
../nixos/cloudflared.nix
|
||||||
|
|
||||||
|
../nixos/acme-sail.nix
|
||||||
|
|
||||||
../nixos/atuin-sync.nix
|
../nixos/atuin-sync.nix
|
||||||
|
|
||||||
../nixos/anonymous-overflow.nix
|
../nixos/anonymous-overflow.nix
|
||||||
|
|
|
||||||
19
system/nixos/acme-sail.nix
Normal file
19
system/nixos/acme-sail.nix
Normal file
|
|
@ -0,0 +1,19 @@
|
||||||
|
{ config, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
security.acme = {
|
||||||
|
acceptTerms = true;
|
||||||
|
email = "acme@kempkens.io";
|
||||||
|
|
||||||
|
defaults = {
|
||||||
|
dnsProvider = "cloudflare";
|
||||||
|
credentialsFile = config.age.secrets.acme-credentials.path;
|
||||||
|
dnsResolver = "1.1.1.1:53";
|
||||||
|
dnsPropagationCheck = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
"daniel.sx" = {
|
||||||
|
domain = "*.daniel.sx";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue