};
config = lib.mkIf cfg.enable {
- security.acme.certs = {
+ security.acme2.certs = {
"ejabberd" = config.myServices.certificates.certConfig // {
user = "ejabberd";
group = "ejabberd";
text = ''
host_config:
"immae.fr":
- domain_certfile: "${config.security.acme.directory}/ejabberd/full.pem"
+ domain_certfile: "${config.security.acme2.certs.ejabberd.directory}/full.pem"
auth_method: [ldap]
ldap_servers: ["${config.myEnv.jabber.ldap.host}"]
ldap_encrypt: tls
ERLANG_NODE=ejabberd@localhost
'';
configFile = pkgs.runCommand "ejabberd.yml" {
- certificatePrivateKeyAndFullChain = "${config.security.acme.directory}/ejabberd/full.pem";
+ certificatePrivateKeyAndFullChain = "${config.security.acme2.certs.ejabberd.directory}/full.pem";
certificateCA = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
sql_config_file = config.secrets.fullPaths."ejabberd/psql.yml";
host_config_file = config.secrets.fullPaths."ejabberd/host.yml";