]> Git — Sourcephile - sourcephile-nix.git/blob - hosts/losurdo/acme.nix
mermet: acme: reenable dnsPropagationCheck, gandi.net fixed the issue
[sourcephile-nix.git] / hosts / losurdo / acme.nix
1 { pkgs, config, ... }:
2 let
3 inherit (config.users) users groups;
4 in
5 {
6 imports = [
7 acme/autogeree.net.nix
8 acme/sourcephile.fr.nix
9 ];
10 security.acme = {
11 acceptTerms = true;
12 };
13 environment.systemPackages = [
14 pkgs.lego
15 ];
16 /*
17 users.users.acme = {
18 home = "/var/lib/acme";
19 group = groups."acme".name;
20 # Set a static UID to install the credentialFile
21 # with acme:root perms before the system switch
22 uid = 14;
23 isSystemUser = true;
24 };
25 assertions = [
26 { assertion = ! elem users.acme.uid (attrValues config.ids.uids);
27 message = ''
28 Unix user ID ${toString users.acme.uid} is already taken in config.ids.uids: change for a free UID.
29 '';
30 }
31 ];
32 */
33 users.groups = {
34 acme = { };
35 };
36
37 }