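# NixOS module that exposes `metacfg.services.acmeBase.*` options and, when
# enabled, forwards them to `security.acme.defaults` (registration email,
# DNS provider and the DNS provider credentials file).
{
  config,
  lib,
  ...
}:
with lib;
with lib.metacfg;
let
  cfg = config.metacfg.services.acmeBase;

  # True when the credentials file is (or will end up) inside the Nix store:
  # either it was given as a Nix path literal, which is copied into the store
  # once it is coerced to a string, or it already is a store path. The store
  # is world-readable, so a DNS API token placed there is exposed to every
  # local user and to anything the closure is copied to.
  credentialsInStore =
    cfg.credentialsFile != null
    && (
      builtins.isPath cfg.credentialsFile
      || lib.hasPrefix "${builtins.storeDir}/" (toString cfg.credentialsFile)
    );
in
{
  options.metacfg.services.acmeBase = with types; {
    # mkBoolOpt is not defined in this file; presumably it comes from
    # lib.metacfg (default value, then description) -- confirm against the lib.
    enable = mkBoolOpt false "Whether or not to enable ACME with common settings.";

    # Hard-coded default address; override it when this module is reused for
    # another deployment.
    email = mkOption {
      type = types.str;
      default = "harald@hoyer.xyz";
      description = "Registration email for ACME.";
    };

    # The DNS-01 challenge needs API access to the DNS zone, so the matching
    # credentials are high-value: scope the token to the zones and the
    # permissions that certificate issuance actually needs.
    dnsProvider = mkOption {
      type = types.str;
      default = "cloudflare";
      description = "DNS provider for ACME DNS-01 challenge.";
    };

    credentialsFile = mkOption {
      type = types.nullOr types.path;
      default = null;
      # Constructed sample value: a runtime path given as a string.
      example = "/run/secrets/acme-dns-credentials";
      description = ''
        Path to the credentials file for the DNS provider.

        Give a path that exists only at runtime (for example one provisioned
        by a secrets manager) and pass it as a string. A Nix path literal
        such as `./credentials.env` is copied into the world-readable Nix
        store, which exposes the DNS provider credentials.
      '';
    };
  };

  config = mkIf cfg.enable {
    # Non-fatal: existing configurations keep evaluating, but the operator is
    # told that the secret is readable through the store.
    warnings = lib.optional credentialsInStore "metacfg.services.acmeBase.credentialsFile is a Nix path literal or a Nix store path; the store is world-readable, so the DNS provider credentials would be exposed. Pass a runtime path as a string instead.";

    security.acme = {
      # Accepts the certificate authority's terms of service for every host
      # that enables this module.
      acceptTerms = true;
      defaults = {
        inherit (cfg) email;
        inherit (cfg) dnsProvider;
        # Only define the upstream option when a file was configured, so an
        # unset value here does not add a definition to security.acme.
        credentialsFile = mkIf (cfg.credentialsFile != null) cfg.credentialsFile;
      };
    };
  };
}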