Harald Hoyer
4622c52d5b
Create 6 new NixOS modules to reduce duplication across system configs: - hardware/wooting: Wooting keyboard udev rules and Bluetooth compat - services/nginx-base: Common nginx server settings - services/acme-base: ACME certificate defaults - services/xremap: Key remapping with sensible defaults - system/no-sleep: Disable sleep/suspend/hibernate targets - system/kernel-tweaks: PM freeze timeout and zram configuration Update system configuration files to use these new modules. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
41 lines
985 B
Nix
41 lines
985 B
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
with lib;
|
|
with lib.metacfg;
|
|
let
|
|
cfg = config.metacfg.services.acmeBase;
|
|
in
|
|
{
|
|
options.metacfg.services.acmeBase = with types; {
|
|
enable = mkBoolOpt false "Whether or not to enable ACME with common settings.";
|
|
email = mkOption {
|
|
type = types.str;
|
|
default = "harald@hoyer.xyz";
|
|
description = "Registration email for ACME.";
|
|
};
|
|
dnsProvider = mkOption {
|
|
type = types.str;
|
|
default = "cloudflare";
|
|
description = "DNS provider for ACME DNS-01 challenge.";
|
|
};
|
|
credentialsFile = mkOption {
|
|
type = types.nullOr types.path;
|
|
default = null;
|
|
description = "Path to the credentials file for the DNS provider.";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
security.acme = {
|
|
acceptTerms = true;
|
|
defaults = {
|
|
email = cfg.email;
|
|
dnsProvider = cfg.dnsProvider;
|
|
credentialsFile = mkIf (cfg.credentialsFile != null) cfg.credentialsFile;
|
|
};
|
|
};
|
|
};
|
|
}
|