github.com-tboerger-nixos-c.../machines/services/acme.nix

{ pkgs, lib, config, options, ... }:

let
  cfg = config.personal.services.acme;

in
{
  options = with lib; {
    personal = {
      services = {
        acme = {
          enable = mkEnableOption "Acme";
        };
      };
    };
  };

  config = with lib; mkIf cfg.enable {
      security = {
        acme = {
          acceptTerms = true;
          email = "hostmaster@boerger.ws";

          certs = {
            "home.boerger.ws" = {
              extraDomainNames = ["*.home.boerger.ws"];
              dnsProvider = "cloudflare";
              credentialsFile = config.age.secrets."services/acme/credentials".path;
            };
          };
        };
      };

      age.secrets."services/acme/credentials" = {
        file = ../../secrets/services/acme/credentials.age;
        owner = "acme";
      };
    };
}
chore(machines): update module structuring 2022-04-10 20:57:56 +02:00			`{ pkgs, lib, config, options, ... }:`

			`let`
			`cfg = config.personal.services.acme;`

			`in`
			`{`
			`options = with lib; {`
			`personal = {`
			`services = {`
			`acme = {`
			`enable = mkEnableOption "Acme";`
			`};`
			`};`
			`};`
			`};`

			`config = with lib; mkIf cfg.enable {`
			`security = {`
			`acme = {`
			`acceptTerms = true;`
			`email = "hostmaster@boerger.ws";`

			`certs = {`
			`"home.boerger.ws" = {`
			`extraDomainNames = ["*.home.boerger.ws"];`
			`dnsProvider = "cloudflare";`
			`credentialsFile = config.age.secrets."services/acme/credentials".path;`
			`};`
			`};`
			`};`
			`};`

			`age.secrets."services/acme/credentials" = {`
			`file = ../../secrets/services/acme/credentials.age;`
			`owner = "acme";`
			`};`
			`};`
			`}`