Rename virtual folder to nixops

[perso/Immae/Config/Nix.git] / nixops / modules / certificates.nix

diff --git a/nixops/modules/certificates.nix b/nixops/modules/certificates.nix
new file mode 100644 (file)
index 0000000..7fae729
--- /dev/null
+++ b/nixops/modules/certificates.nix
@@ -0,0 +1,26 @@
+{ lib, pkgs, config, mylibs, ... }:
+{
+  options.services.myCertificates = {
+    certConfig = lib.mkOption {
+      default = {
+        webroot = "/var/lib/acme/acme-challenge";
+        email = "ismael@bouya.org";
+        postRun = ''
+          systemctl reload httpdTools.service httpdInte.service httpdProd.service
+        '';
+        plugins = [ "cert.pem" "chain.pem" "fullchain.pem" "full.pem" "key.pem" "account_key.json" ];
+      };
+      description = "Default configuration for certificates";
+    };
+  };
+
+  config = {
+    security.acme.preliminarySelfsigned = true;
+
+    security.acme.certs = {
+      "eldiron" = config.services.myCertificates.certConfig // {
+        domain = "eldiron.immae.eu";
+      };
+    };
+  };
+}