X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fejabberd%2Fdefault.nix;h=d051d790fd43c3a092ab9da56c3177d0fbce8972;hb=70f397239ef60b695b47e69bf96bcb8d50cb534c;hp=3537c246fe04a63c38872ff592afc08725a0401c;hpb=981fa80354fd6f00f49446777c38f77bd8a65f65;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/ejabberd/default.nix b/modules/private/ejabberd/default.nix index 3537c24..d051d79 100644 --- a/modules/private/ejabberd/default.nix +++ b/modules/private/ejabberd/default.nix @@ -14,11 +14,12 @@ in }; config = lib.mkIf cfg.enable { - security.acme2.certs = { + security.acme.certs = { "ejabberd" = config.myServices.certificates.certConfig // { user = "ejabberd"; group = "ejabberd"; domain = "eldiron.immae.eu"; + keyType = "rsa4096"; postRun = '' systemctl restart ejabberd.service ''; @@ -58,7 +59,7 @@ in text = '' host_config: "immae.fr": - domain_certfile: "${config.security.acme2.certs.ejabberd.directory}/full.pem" + domain_certfile: "${config.security.acme.certs.ejabberd.directory}/full.pem" auth_method: [ldap] ldap_servers: ["${config.myEnv.jabber.ldap.host}"] ldap_encrypt: tls @@ -66,8 +67,8 @@ in ldap_password: "${config.myEnv.jabber.ldap.password}" ldap_base: "${config.myEnv.jabber.ldap.base}" ldap_uids: - - "uid": "%u" - - "immaeXmppUid": "%u" + uid: "%u" + immaeXmppUid: "%u" ldap_filter: "${config.myEnv.jabber.ldap.filter}" ''; } @@ -81,7 +82,7 @@ in ERLANG_NODE=ejabberd@localhost ''; configFile = pkgs.runCommand "ejabberd.yml" { - certificatePrivateKeyAndFullChain = "${config.security.acme2.certs.ejabberd.directory}/full.pem"; + certificatePrivateKeyAndFullChain = "${config.security.acme.certs.ejabberd.directory}/full.pem"; certificateCA = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; sql_config_file = config.secrets.fullPaths."ejabberd/psql.yml"; host_config_file = config.secrets.fullPaths."ejabberd/host.yml";