all repos — nixfiles @ c0d83d93a0a17194afeeeae12e98818f3911f71d

System and user configuration, managed by nix and home-manager

Partially revert "Remove acme-dns" This reverts commit 73f3ca04c8609e76867ea7a0118b211d19ae69a6.

Alan Pearce
commit

c0d83d93a0a17194afeeeae12e98818f3911f71d

parent

b3113adb09022a8fef659818b5cb43c55b40fc5f

4 files changed, 5 insertions(+), 1 deletion(-)

jump to
A secrets/acme.age

Not showing binary file.

M secrets/secrets.nixsecrets/secrets.nix
@@ -11,6 +11,8 @@ nanopi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG/KOwhb4pyuw4U8hnkPAbRNk6o41Fmvsa67cY6MHA9k";
   };
 
   secrets = with machines; {
+    acme = [ linde nanopi ];
+
     binarycache = [ linde ];
     paperless = [ linde ];
     powerdns = [ linde ];
M system/linde.nixsystem/linde.nix
@@ -39,6 +39,7 @@ owner = cfg.user;
         mode = "400";
         symlink = false;
       };
+    acme.file = ../secrets/acme.age;
     binarycache.file = ../secrets/binarycache.age;
     dex.file = ../secrets/dex.age;
     powerdns.file = ../secrets/powerdns.age;

@@ -614,7 +615,7 @@ defaults = {
       email = "alan@alanpearce.eu";
       dnsProvider = "pdns";
       dnsResolver = "1.1.1.1:53";
-      credentialsFile = config.age.secrets.powerdns.path;
+      credentialsFile = config.age.secrets.acme.path;
       reloadServices = [ "caddy" ];
       validMinDays = 32;
     };
M system/nanopi.nixsystem/nanopi.nix
@@ -18,6 +18,7 @@ ];
 
   age.secrets = {
     dyndns.file = ../secrets/dyndns.age;
+    acme.file = ../secrets/acme.age;
     syncthing.file = ../secrets/syncthing.age;
   };