From 3424a9e8023fa7d5afb24530e973ea03e2506abf Mon Sep 17 00:00:00 2001
From: 514fpv <koishi@514fpv.one>
Date: Mon, 15 Jan 2024 15:57:25 +0800
Subject: [PATCH] feat(acme): add acme defaults

---
 global/acme/default.nix | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 global/acme/default.nix

diff --git a/global/acme/default.nix b/global/acme/default.nix
new file mode 100644
index 00000000..dacf367e
--- /dev/null
+++ b/global/acme/default.nix
@@ -0,0 +1,20 @@
+{ pkgs
+, lib
+, config
+, ... }: with lib; let
+  cfg = config.global.acme;
+in {
+  options.global.acme = {
+    enable = mkEnableOption "ACME SSL certificates";
+  };
+
+  config = mkIf cfg.enable {
+    security.acme = {
+      acceptTerms = true;
+      defaults.email = mkDefault "koishi@514fpv.one";
+      defaults.group = config.services.nginx.group;
+    };
+
+    environment.persistence."/nix/persist/fhs".directories = [ "/var/lib/acme" ];
+  };
+}