nixcfg/systems/x86_64-linux/sgx/acme.nix

{
  pkgs,
  lib,
  config,
  ...
}:
{
  sops.secrets.internetbs = {
    sopsFile = ../../../.secrets/hetzner/internetbs.yaml; # bring your own password file
  };

  security.acme = {
    acceptTerms = true;
    defaults = {
      email = "harald@hoyer.xyz";
      dnsProvider = "cloudflare";
      credentialsFile = config.sops.secrets.internetbs.path;
    };
    certs = {
      "internal.hoyer.world" = {   };
    };
  };
}
fix(openwebui): enable ssl for internal sgx Signed-off-by: Harald Hoyer <harald@hoyer.xyz> 2024-12-06 09:38:15 +01:00			`{`
			`pkgs,`
			`lib,`
			`config,`
			`...`
			`}:`
			`{`
			`sops.secrets.internetbs = {`
			`sopsFile = ../../../.secrets/hetzner/internetbs.yaml; # bring your own password file`
			`};`

			`security.acme = {`
			`acceptTerms = true;`
			`defaults = {`
			`email = "harald@hoyer.xyz";`
			`dnsProvider = "cloudflare";`
			`credentialsFile = config.sops.secrets.internetbs.path;`
			`};`
			`certs = {`
			`"internal.hoyer.world" = { };`
			`};`
			`};`
			`}`