shell: fix nixos-enter

[sourcephile-nix.git] / hosts / losurdo / acme / autogeree.net.nix

diff --git a/hosts/losurdo/acme/autogeree.net.nix b/hosts/losurdo/acme/autogeree.net.nix
index 261bdbfacc8f6b843ae1c0c787b04e7b052db709..7ea8b56d2803b73c313e368d8f5f440121ff3da3 100644 (file)
--- a/hosts/losurdo/acme/autogeree.net.nix
+++ b/hosts/losurdo/acme/autogeree.net.nix
@@ -1,4 +1,4 @@
-{ pkgs, lib, config, inputs, hosts, hostName, ... }:
+{ pkgs, lib, config, inputs, hosts, hostName, info, ... }:
 let
   domain = "autogeree.net";
   domainID = lib.replaceStrings [ "." ] [ "_" ] domain;
@@ -12,13 +12,13 @@ in
         type ipv4_addr
         elements = {
           ${hosts.mermet._module.args.ipv4},
-          217.70.177.40
+          ${info.gandi.dns.secondary.ns.ipv4}
         }
       }
       set output-net-lego-ipv6 {
         type ipv6_addr
         elements = {
-          2001:4b98:d:1::40
+          ${info.gandi.dns.secondary.ns.ipv6}
         }
       }
     }
@@ -46,8 +46,9 @@ in
     '';
   };
   systemd.services."acme-${domain}" = {
-    serviceConfig.LoadCredentialEncrypted =
-      [ "${domain}.tsig:${inputs.self}/hosts/${hostName}/acme/${domain}.tsig.cred" ];
+    serviceConfig.LoadCredentialEncrypted = [
+      "${domain}.tsig:${./. + "/${domain}.tsig.cred"}"
+    ];
     environment.RFC2136_TSIG_SECRET_FILE = "%d/${domain}.tsig";
     after = [ "unbound.service" ];
   };