author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2020-01-15 20:41:19 +0100 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2020-01-15 20:41:19 +0100 |
commit | 981fa80354fd6f00f49446777c38f77bd8a65f65 (patch) | |
tree | 878a24e3daa325cfec75b1a413e5144829558d38 /modules/private/databases/openldap | |
parent | 258441019881c451686dbe537069228cc8e49612 (diff) | |
Upgrade acme bot
Diffstat (limited to 'modules/private/databases/openldap')
-rw-r--r-- | modules/private/databases/openldap/default.nix | 10 |
1 files changed, 5 insertions, 5 deletions
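--- a/modules/private/databases/openldap/default.nix
+++ b/modules/private/databases/openldap/default.nix
@@ -24,9 +24,9 @@ let
 overlay syncprov
 syncprov-checkpoint 100 10
 
-TLSCertificateFile ${config.security.acme.directory}/ldap/cert.pem
-TLSCertificateKeyFile ${config.security.acme.directory}/ldap/key.pem
-TLSCACertificateFile ${config.security.acme.directory}/ldap/fullchain.pem
+TLSCertificateFile ${config.security.acme2.certs.ldap.directory}/cert.pem
+TLSCertificateKeyFile ${config.security.acme2.certs.ldap.directory}/key.pem
+TLSCACertificateFile ${config.security.acme2.certs.ldap.directory}/fullchain.pem
 TLSCACertificatePath ${pkgs.cacert.unbundled}/etc/ssl/certs/
 #This makes openldap crash
 #TLSCipherSuite DEFAULT
@@ -117,10 +117,10 @@ in
 users.users.openldap.extraGroups = [ "keys" ];
 networking.firewall.allowedTCPPorts = [ 636 389 ];
 
-security.acme.certs."ldap" = config.myServices.databasesCerts // {
+security.acme2.certs."ldap" = config.myServices.databasesCerts // {
 user = "openldap";
 group = "openldap";
-plugins = [ "fullchain.pem" "key.pem" "cert.pem" "account_key.json" ];
+plugins = [ "fullchain.pem" "key.pem" "cert.pem" "account_key.json" "account_reg.json" ];
 domain = "ldap.immae.eu";
 postRun = ''
 systemctl restart openldap.service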
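Review bot: The `plugins` list in the second hunk now keeps `account_reg.json` next to `account_key.json` for a certificate whose `user` and `group` are both `openldap`, so the ACME account state presumably becomes readable by the slapd account, which only needs the `cert.pem`, `key.pem` and `fullchain.pem` files named by the TLS directives in the first hunk. Whether the acme2 module writes every plugin file into the certificate directory with that ownership is not visible here and should be confirmed; if it does, a compromise of the LDAP daemon would also expose the account key. I would at least record the reason on that line, e.g. `# account_*.json: ACME account state kept for renewal, not read by slapd`, and check whether the module can hold those two files under a root-only path. The `security.acme2.certs."ldap"` attribute set continues past the end of the hunk.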