kookie
/
nomicon
1
0
Fork 0
Code Issues Projects Releases 1 Activity

nixos/simp_le: Rename to security.acme

Browse Source
wip/yesman
Franz Pletz 9 years ago
parent e7362a877d
commit de24b00d41
2 changed files with 11 additions and 11 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      nixos/modules/module-list.nix
  2. 20
      nixos/modules/security/acme.nix

2
nixos/modules/module-list.nix
Unescape View File

@ -80,6 +80,7 @@
./programs/xfs_quota.nix
./programs/zsh/zsh.nix
./rename.nix
./security/acme.nix
./security/apparmor.nix
./security/apparmor-suid.nix
./security/ca.nix
@ -388,7 +389,6 @@
./services/security/hologram.nix
./services/security/munge.nix
./services/security/physlock.nix
./services/security/simp_le.nix
./services/security/torify.nix
./services/security/tor.nix
./services/security/torsocks.nix

20
nixos/modules/services/security/simp_le.nix → nixos/modules/security/acme.nix
Unescape View File

@ -4,7 +4,7 @@ with lib;
let
cfg = config.services.simp_le;
cfg = config.security.acme;
certOpts = { ... }: {
options = {
@ -40,13 +40,13 @@ let
user = mkOption {
type = types.str;
default = "root";
description = "User under which simp_le would run.";
description = "User running the ACME client.";
};
group = mkOption {
type = types.str;
default = "root";
description = "Group under which simp_le would run.";
description = "Group running the ACME client.";
};
postRun = mkOption {
@ -95,9 +95,9 @@ in
###### interface
options = {
services.simp_le = {
security.acme = {
directory = mkOption {
default = "/var/lib/simp_le";
default = "/var/lib/acme";
type = types.str;
description = ''
Directory where certs and other state will be stored by default.
@ -138,9 +138,9 @@ in
++ concatLists (mapAttrsToList (name: root: [ "-d" (if root == null then name else "${name}:${root}")]) data.extraDomains);
in nameValuePair
("simp_le-${cert}")
("acme-${cert}")
({
description = "simp_le cert renewal for ${cert}";
description = "ACME cert renewal for ${cert} using simp_le";
after = [ "network.target" ];
serviceConfig = {
Type = "oneshot";
@ -177,13 +177,13 @@ in
);
systemd.timers = flip mapAttrs' cfg.certs (cert: data: nameValuePair
("simp_le-${cert}")
("acme-${cert}")
({
description = "timer for simp_le cert renewal of ${cert}";
description = "timer for ACME cert renewal of ${cert}";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = data.renewInterval;
Unit = "simp_le-${cert}.service";
Unit = "acme-simp_le-${cert}.service";
};
})
);
Write Preview
Loading…
Cancel
Save