From 7e6f3803f5ae66b4e2024fae9689b68230e41118 Mon Sep 17 00:00:00 2001 From: Adithya Nair Date: Sun, 27 Oct 2024 23:18:21 +0530 Subject: [PATCH] all: use hetzner for ACME DNS --- flake.lock | 12 ++++++------ hosts/rico0/services/apps/proofs.nix | 2 +- hosts/shared/caddy-helpers.nix | 2 +- secrets.yaml | 6 +++--- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index a6ad010..91f76e0 100644 --- a/flake.lock +++ b/flake.lock @@ -26,11 +26,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1729817767, - "narHash": "sha256-SMg2a3sfpjio13g7I+Wn63iVa3Z+q9TBkS92VtzjTRE=", + "lastModified": 1730050467, + "narHash": "sha256-gIhrrsWIqWUdmF/jMQcOfAl35LAqdhk2yCy1kcARxOo=", "owner": "adtya", "repo": "caddy-with-modules", - "rev": "d7bf6b19508418191495e8d0b93c9ecb6b86662c", + "rev": "a00042b8e19812d1d2c9922958712e0aed59cec2", "type": "github" }, "original": { @@ -590,11 +590,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1729665710, - "narHash": "sha256-AlcmCXJZPIlO5dmFzV3V2XF6x/OpNWUV8Y/FMPGd8Z4=", + "lastModified": 1729880355, + "narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2768c7d042a37de65bb1b5b3268fc987e534c49d", + "rev": "18536bf04cd71abd345f9579158841376fdd0c5a", "type": "github" }, "original": { diff --git a/hosts/rico0/services/apps/proofs.nix b/hosts/rico0/services/apps/proofs.nix index 34d2e1e..783d717 100644 --- a/hosts/rico0/services/apps/proofs.nix +++ b/hosts/rico0/services/apps/proofs.nix @@ -7,7 +7,7 @@ in services = { caddy.virtualHosts = { "${domainName}" = { - inherit logFormat; + inherit logFormat; extraConfig = '' redir https://keyoxide.org/hkp/51E4F5AB1B82BE45B4229CC243A5E25AA5A27849 ''; diff --git a/hosts/shared/caddy-helpers.nix b/hosts/shared/caddy-helpers.nix index ed841ed..4a173b4 100644 --- a/hosts/shared/caddy-helpers.nix +++ b/hosts/shared/caddy-helpers.nix @@ -7,7 +7,7 @@ tlsAcmeDnsChallenge = '' tls { - dns digitalocean {env.DO_API_TOKEN} + dns hetzner {env.HETZNER_ACCESS_TOKEN} } ''; } diff --git a/secrets.yaml b/secrets.yaml index b956c7d..99b407f 100644 --- a/secrets.yaml +++ b/secrets.yaml @@ -25,7 +25,7 @@ frp: matrix: syncv3_secret: ENC[AES256_GCM,data:05lLSSolNO55VjJQL3nLNGo2jiZUZht2FKNvc2O2dCccSfglrwm6J5Guzns9ZlT8X9j74lvlWlbM6Q==,iv:1zARbgZ9GJV1UMJ+WjFPNYPqhRjGVj4iLYMpfsRjrko=,tag:fQ9Vg1xD1k2eYlEbtF6q8A==,type:str] caddy: - env_file: ENC[AES256_GCM,data:FPMNS356/fZ9DFgu0/lH5S2+zKBkeo5VAYFK9fFgxNRm2IRWQg79yfW8xTJuAZw5AZrEiNvpfU0eDO+q1fLEdJccINHatKjTD/gMUCb3oAA7u6b2,iv:sBmSTTtvRtOtoBSEMzzhtnSFoX9Va85g6K2bVxB4Kak=,tag:pv7/pwG3M2qrnrMMJ9eePw==,type:str] + env_file: ENC[AES256_GCM,data:PKtILX7o0D3rj78JXIXad9UcQz0ZiihXK1nY/kb08fh3i54hYrFyJyGt04b9mAufxTnhDV4=,iv:I/EtxopCFmRxgsGJIcFDufTiM1JyPPoIQkgKIDiCP24=,tag:5QlGMp839p9RYKB09tr61A==,type:str] proton: layne: ENC[AES256_GCM,data:7bJBG+GWo5XycWR3MiJJItJjdDXxmri+tdbOxc9DymkViyixJ6+zwrabZvoVtEwzJY5S18b5RgyAWlexynlIXmoywavbieHh9RSRNzXStQpZGxCzvLUy2gJJXgA6URHlcFQxQ52A7z1ffB8EfXO6MGnK8MhMTkN8n66+Tj+gLhVVGmypYfgXcQ1CCNDVU9iW9KYJm5rOVTu+rdijQZi4pXQXbwR3skWgrxCy/AaA56uBipHh4yL6w/Zvm6C4j4MUR0Ql7ugUNdX2yx+oEQmrtDQT8zbP0xhhtS4r3pTBJTp1kA==,iv:c/ytTNloIt7Mo/wpV7Y9W0xQStwCQk5/uhH2CArRu1c=,tag:UcYM2zpXScYDtzjCMmJGow==,type:str] sops: @@ -97,8 +97,8 @@ sops: YzdpTitkMHh6VUFtV2FodVF6OWJkTU0KBjC+esgHZ8hTWXwZ+cy4++jLP+gsruHM fmRDhvQu0MNHkjQ8q4VmwRVl10uc8CyTDFTuyDoAhvmnzXHtrg1wpA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-25T07:58:00Z" - mac: ENC[AES256_GCM,data:ewe54xN+92M6NiUiII/sfZ9YbIZ6qr+oLjOKCwJTRLUH5LKWKklHq/Syk6e+VegE9sdQDLSU0XQBeEfmmLEA5QCpVNjzKC+0X5ERawUmllG95O23W5lWzUddCO+XsGRfveZkj8654xLdgWiQd4fh3DOhusjpzYzemlJDYmtSTQE=,iv:SYeXhdDyH4Le9trSOcz4Pg0jPKTHJVkFpMN0+Q6RL9E=,tag:Fnq582qwou0JbwZhb4Ih+g==,type:str] + lastmodified: "2024-10-27T17:46:26Z" + mac: ENC[AES256_GCM,data:bOeMkb1FvkGIYSCCZ2sN42+WcuthaYWQ/Tr+C2v3mlCei1lZLevbg964Kn42qud0VQi6YB5yPMABhwoX+ihnzJDTY9uuJklcnRH/VzpMXHL1n7Ow89zCXmBqiSj31CNhivJbS1Qhwhoox9LXOjLN74OqGfsYfSBcIhivFMT5sVg=,iv:2MGSfdiIRaiJuaabSTGWiOyaOFT/ajsYz6/QKcAv8d0=,tag:sUTsSQVQeAegC8sth4HNfA==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.1