cluster: switch to exec dns01 provider
This commit is contained in:
parent
bfd7a4214c
commit
0943c410c3
9 changed files with 10 additions and 10 deletions
|
@ -11,7 +11,7 @@ in
|
|||
security.acme.certs."internal.${domain}" = {
|
||||
domain = "*.internal.${domain}";
|
||||
extraDomainNames = [ "*.internal.${domain}" ];
|
||||
dnsProvider = "pdns";
|
||||
dnsProvider = "exec";
|
||||
group = "nginx";
|
||||
postRun = ''
|
||||
${pkgs.acl}/bin/setfacl -Rb out/
|
||||
|
|
|
@ -42,7 +42,7 @@ in
|
|||
};
|
||||
|
||||
security.acme.certs."securedns.${domain}" = {
|
||||
dnsProvider = "pdns";
|
||||
dnsProvider = "exec";
|
||||
# using a different ACME provider because Android Private DNS is fucky
|
||||
server = "https://api.buypass.com/acme/directory";
|
||||
reloadServices = [
|
||||
|
|
|
@ -18,7 +18,7 @@ in
|
|||
security.acme.certs = {
|
||||
"internal.${domain}".reloadServices = [ "kanidm.service" ];
|
||||
"idm.${domain}" = {
|
||||
dnsProvider = "pdns";
|
||||
dnsProvider = "exec";
|
||||
webroot = lib.mkForce null;
|
||||
};
|
||||
};
|
||||
|
|
|
@ -81,7 +81,7 @@ in {
|
|||
services.nginx.virtualHosts."pin.${domain}" = vhosts.proxy "http://unix:${pinSvcSocket}";
|
||||
users.users.nginx.extraGroups = [ cfg.group ];
|
||||
security.acme.certs."pin.${domain}" = {
|
||||
dnsProvider = "pdns";
|
||||
dnsProvider = "exec";
|
||||
webroot = lib.mkForce null;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -48,12 +48,12 @@ in
|
|||
security.acme.certs."ipfs.${domain}" = {
|
||||
domain = "*.ipfs.${domain}";
|
||||
extraDomainNames = [ "*.ipns.${domain}" ];
|
||||
dnsProvider = "pdns";
|
||||
dnsProvider = "exec";
|
||||
group = "nginx";
|
||||
};
|
||||
|
||||
security.acme.certs."p2p.${domain}" = {
|
||||
dnsProvider = "pdns";
|
||||
dnsProvider = "exec";
|
||||
webroot = lib.mkForce null;
|
||||
};
|
||||
|
||||
|
|
|
@ -82,7 +82,7 @@ in {
|
|||
params.ngircd.bits = 2048;
|
||||
};
|
||||
security.acme.certs."${serverName}" = {
|
||||
dnsProvider = "pdns";
|
||||
dnsProvider = "exec";
|
||||
group = "ngircd";
|
||||
reloadServices = [ "ngircd" ];
|
||||
extraDomainNames = [ linkGlobalSecure.ipv4 ];
|
||||
|
|
|
@ -103,7 +103,7 @@ in
|
|||
};
|
||||
|
||||
security.acme.certs."monitoring.${domain}" = {
|
||||
dnsProvider = "pdns";
|
||||
dnsProvider = "exec";
|
||||
webroot = lib.mkForce null;
|
||||
};
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ in
|
|||
};
|
||||
};
|
||||
security.acme.certs.${link.hostname} = {
|
||||
dnsProvider = "pdns";
|
||||
dnsProvider = "exec";
|
||||
webroot = lib.mkForce null;
|
||||
};
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@ let
|
|||
acmeUseDNS = name: conf: {
|
||||
name = conf.useACMEHost or conf.serverName or name;
|
||||
value = {
|
||||
dnsProvider = "pdns";
|
||||
dnsProvider = "exec";
|
||||
webroot = null;
|
||||
};
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue