19 lines
433 B
Nix
19 lines
433 B
Nix
{config, ...}: {
|
|
age.secrets.hetzner-dns.file = ../../secrets/hetzner-dns.age;
|
|
|
|
security.acme = {
|
|
acceptTerms = true;
|
|
defaults.email = "acme@buffet.sh";
|
|
certs."buffet.sh" = {
|
|
group = "nginx";
|
|
dnsProvider = "hetzner";
|
|
credentialsFile = config.age.secrets.hetzner-dns.path;
|
|
|
|
extraDomainNames = [
|
|
"*.buffet.sh"
|
|
"*.buffets.kitchen"
|
|
"buffets.kitchen"
|
|
];
|
|
};
|
|
};
|
|
}
|