feat(acme): add acme defaults

2024-01-15 15:57:25 +08:00 · 2024-01-15 15:57:25 +08:00 · 3424a9e802
parent 1b4ed807b7
commit 3424a9e802
1 changed files with 20 additions and 0 deletions
--- a/global/acme/default.nix
+++ b/global/acme/default.nix
@ -0,0 +1,20 @@
 { pkgs
 , lib
 , config
 , ... }: with lib; let
  cfg = config.global.acme;
 in {
  options.global.acme = {
    enable = mkEnableOption "ACME SSL certificates";
  };
  config = mkIf cfg.enable {
    security.acme = {
      acceptTerms = true;
      defaults.email = mkDefault "koishi@514fpv.one";
      defaults.group = config.services.nginx.group;
    };
    environment.persistence."/nix/persist/fhs".directories = [ "/var/lib/acme" ];
  };
 }