all: setup caddy to use DNS challenge

Adithya 2024-09-14 16:57:22 +05:30
parent 2413dd7935
commit 4b5463471a
Signed by: adtya
GPG key ID: B8857BFBA2C47B9C


@ -1,9 +1,22 @@
{ inputs, pkgs, ... }: { { config, inputs, pkgs, ... }: {
sops = {
secrets = {
"digitalocean/token_file" = {
mode = "444";
owner = config.users.users.root.name;
group = config.users.users.root.group;
};
};
};
services.caddy = { services.caddy = {
enable = true; enable = true;
package = inputs.caddy.packages.${pkgs.system}.caddy; package = inputs.caddy.packages.${pkgs.system}.caddy;
email = "admin@acomputer.lol"; email = "admin@acomputer.lol";
globalConfig = ''
acme_dns digitalocean {env.DO_API_TOKEN}
'';
}; };
systemd.services.caddy.serviceConfig.EnvironmentFile = config.sops.secrets."digitalocean/token_file".path;
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];
} }
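Review bot: `mode = "444"` on the `digitalocean/token_file` secret makes the decrypted DigitalOcean API token readable by every local user and service on the host, even though the file is owned by root. systemd reads `EnvironmentFile` in the service manager, before it switches to the unit's user, so root-only permissions are enough: `mode = "0400";` (or drop the line, since sops-nix defaults to that mode as far as I know). The token presumably carries DNS write access for the zone, so it should stay out of reach of other processes. A short comment on the secret saying the file must contain a `DO_API_TOKEN=<token>` line would also help, because `{env.DO_API_TOKEN}` in `globalConfig` resolves only when that variable is set.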