From 73f3ca04c8609e76867ea7a0118b211d19ae69a6 Mon Sep 17 00:00:00 2001 From: Alan Pearce Date: Wed, 27 Nov 2024 11:28:13 +0100 Subject: Remove acme-dns --- system/linde.nix | 33 +++------------------------------ system/nanopi.nix | 1 - 2 files changed, 3 insertions(+), 31 deletions(-) (limited to 'system') diff --git a/system/linde.nix b/system/linde.nix index e5880491..8e6635b6 100644 --- a/system/linde.nix +++ b/system/linde.nix @@ -39,7 +39,6 @@ in mode = "400"; symlink = false; }; - acme.file = ../secrets/acme.age; binarycache.file = ../secrets/binarycache.age; dex.file = ../secrets/dex.age; powerdns.file = ../secrets/powerdns.age; @@ -610,38 +609,12 @@ in }; }; - services.acme-dns = { - enable = true; - settings = - let - me = "acme.${domain}"; - in - { - general = { - listen = "[${net-acmeip}]:53"; - protocol = "both6"; - domain = me; - nsname = me; - nsadmin = builtins.replaceStrings [ "@" ] [ "." ] config.security.acme.defaults.email; - records = [ - "${me}. AAAA ${net-acmeip}" - "${me}. NS ${me}." - ]; - }; - api = { - ip = "[${net-acmeip}]"; - tls = "letsencrypt"; - port = 443; - notification-email = config.security.acme.defaults.email; - }; - }; - }; - security.acme = { defaults = { email = "alan@alanpearce.eu"; - dnsProvider = "acme-dns"; - credentialsFile = config.age.secrets.acme.path; + dnsProvider = "pdns"; + dnsResolver = "1.1.1.1:53"; + credentialsFile = config.age.secrets.powerdns.path; reloadServices = [ "caddy" ]; validMinDays = 32; }; diff --git a/system/nanopi.nix b/system/nanopi.nix index 3a95ebfc..c3f36134 100755 --- a/system/nanopi.nix +++ b/system/nanopi.nix @@ -18,7 +18,6 @@ in age.secrets = { dyndns.file = ../secrets/dyndns.age; - acme.file = ../secrets/acme.age; syncthing.file = ../secrets/syncthing.age; }; -- cgit 1.4.1