nixos/middleman: Let's Encrypt for main domain

2022-06-06 01:12:18 +01:00
parent 60b2b6ec80
commit ffeb333bbc
3 changed files with 22 additions and 3 deletions
--- a/nixos/boxes/colony/vms/shill/containers/middleman.nix
+++ b/nixos/boxes/colony/vms/shill/containers/middleman.nix
@@ -39,15 +39,16 @@
                  owner = "acme";
                  group = "acme";
                };
+                "cloudflare-credentials.conf" = {
+                  owner = "acme";
+                  group = "acme";
+                };
              };
            };

            firewall = {
              tcp.allowed = [ "http" "https" ];
            };
-
-            tmproot.persistence.config.directories = [
-            ];
          };

          users = {
@@ -101,6 +102,13 @@
                    EXEC_PATH=${script}
                  '';
                };
+                "${lib.my.pubDomain}" = {
+                  extraDomainNames = [
+                    "*.${lib.my.pubDomain}"
+                  ];
+                  dnsProvider = "cloudflare";
+                  credentialsFile = config.age.secrets."cloudflare-credentials.conf".path;
+                };
              };
            };
          };