From 62d0cff4a6923703203545705b398198f038c5d4 Mon Sep 17 00:00:00 2001
From: Julien Moutinho <julm+sourcephile-nix@sourcephile.fr>
Date: Thu, 18 Jan 2024 21:47:46 +0100
Subject: [PATCH] mermet: knot: enable CAA validationmethods= and accounturi=

---
 hosts/mermet/knot/autogeree.net.nix  | 2 +-
 hosts/mermet/knot/sourcephile.fr.nix | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/hosts/mermet/knot/autogeree.net.nix b/hosts/mermet/knot/autogeree.net.nix
index 7e49584..fcf9793 100644
--- a/hosts/mermet/knot/autogeree.net.nix
+++ b/hosts/mermet/knot/autogeree.net.nix
@@ -54,7 +54,7 @@ let
 
       ; CAA (Certificate Authority Authorization)
       ; DOC: https://blog.qualys.com/ssllabs/2017/03/13/caa-mandated-by-cabrowser-forum
-      @ CAA 128 issue "letsencrypt.org"
+      @ CAA 128 issue "letsencrypt.org; validationmethods=dns-01; accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/79737822"
     '';
 in
 {
diff --git a/hosts/mermet/knot/sourcephile.fr.nix b/hosts/mermet/knot/sourcephile.fr.nix
index 5e5b16b..95250a4 100644
--- a/hosts/mermet/knot/sourcephile.fr.nix
+++ b/hosts/mermet/knot/sourcephile.fr.nix
@@ -87,7 +87,7 @@ let
 
       ; CAA (Certificate Authority Authorization)
       ; DOC: https://blog.qualys.com/ssllabs/2017/03/13/caa-mandated-by-cabrowser-forum
-      @ CAA 128 issue "letsencrypt.org"
+      @ CAA 128 issue "letsencrypt.org; validationmethods=dns-01; accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/78014180"
     '';
 in
 {
-- 
2.47.2