Upgrade acme bot

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2020-01-15 20:41:19 +0100
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2020-01-15 20:41:19 +0100
commit: 981fa80354fd6f00f49446777c38f77bd8a65f65 (patch)
tree: 878a24e3daa325cfec75b1a413e5144829558d38 /modules/private/tasks/default.nix
parent: 258441019881c451686dbe537069228cc8e49612 (diff)
download: Nix-981fa80354fd6f00f49446777c38f77bd8a65f65.tar.gz
Nix-981fa80354fd6f00f49446777c38f77bd8a65f65.tar.zst
Nix-981fa80354fd6f00f49446777c38f77bd8a65f65.zip
1 files changed, 5 insertions, 5 deletions
diff --git a/modules/private/tasks/default.nix b/modules/private/tasks/default.nix
index c4f065b..c0cc87b 100644
--- a/modules/private/tasks/default.nix
+++ b/modules/private/tasks/default.nix
@@ -192,9 +192,9 @@ in {
    myServices.websites.webappDirs._task = ./www;
-    security.acme.certs."task" = config.myServices.certificates.certConfig // {
+    security.acme2.certs."task" = config.myServices.certificates.certConfig // {
      inherit user group;
-      plugins = [ "fullchain.pem" "key.pem" "cert.pem" "account_key.json" ];
+      plugins = [ "fullchain.pem" "key.pem" "cert.pem" "account_key.json" "account_reg.json" ];
      domain = fqdn;
      postRun = ''
        systemctl restart taskserver.service
@@ -244,9 +244,9 @@ in {
      inherit fqdn;
      listenHost = "::";
      pki.manual.ca.cert = "${server_vardir}/keys/ca.cert";
-      pki.manual.server.cert = "${config.security.acme.directory}/task/fullchain.pem";
+      pki.manual.server.cert = "${config.security.acme2.certs.task.directory}/fullchain.pem";
-      pki.manual.server.crl = "${config.security.acme.directory}/task/invalid.crl";
+      pki.manual.server.crl = "${config.security.acme2.certs.task.directory}/invalid.crl";
-      pki.manual.server.key = "${config.security.acme.directory}/task/key.pem";
+      pki.manual.server.key = "${config.security.acme2.certs.task.directory}/key.pem";
      requestLimit = 104857600;
    };
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2020-01-15 20:41:19 +0100
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2020-01-15 20:41:19 +0100
commit	981fa80354fd6f00f49446777c38f77bd8a65f65 (patch)
tree	878a24e3daa325cfec75b1a413e5144829558d38 /modules/private/tasks/default.nix
parent	258441019881c451686dbe537069228cc8e49612 (diff)
download	Nix-981fa80354fd6f00f49446777c38f77bd8a65f65.tar.gz Nix-981fa80354fd6f00f49446777c38f77bd8a65f65.tar.zst Nix-981fa80354fd6f00f49446777c38f77bd8a65f65.zip

diff --git a/modules/private/tasks/default.nix b/modules/private/tasks/default.nix index c4f065b..c0cc87b 100644 --- a/modules/private/tasks/default.nix +++ b/modules/private/tasks/default.nix
@@ -192,9 +192,9 @@ in {
192		192
193	myServices.websites.webappDirs._task = ./www;	193	myServices.websites.webappDirs._task = ./www;
194		194
195	security.acme.certs."task" = config.myServices.certificates.certConfig // {	195	security.acme2.certs."task" = config.myServices.certificates.certConfig // {
196	inherit user group;	196	inherit user group;
197	plugins = [ "fullchain.pem" "key.pem" "cert.pem" "account_key.json" ];	197	plugins = [ "fullchain.pem" "key.pem" "cert.pem" "account_key.json" "account_reg.json" ];
198	domain = fqdn;	198	domain = fqdn;
199	postRun = ''	199	postRun = ''
200	systemctl restart taskserver.service	200	systemctl restart taskserver.service
@@ -244,9 +244,9 @@ in {
244	inherit fqdn;	244	inherit fqdn;
245	listenHost = "::";	245	listenHost = "::";
246	pki.manual.ca.cert = "${server_vardir}/keys/ca.cert";	246	pki.manual.ca.cert = "${server_vardir}/keys/ca.cert";
247	pki.manual.server.cert = "${config.security.acme.directory}/task/fullchain.pem";	247	pki.manual.server.cert = "${config.security.acme2.certs.task.directory}/fullchain.pem";
248	pki.manual.server.crl = "${config.security.acme.directory}/task/invalid.crl";	248	pki.manual.server.crl = "${config.security.acme2.certs.task.directory}/invalid.crl";
249	pki.manual.server.key = "${config.security.acme.directory}/task/key.pem";	249	pki.manual.server.key = "${config.security.acme2.certs.task.directory}/key.pem";
250	requestLimit = 104857600;	250	requestLimit = 104857600;
251	};	251	};
252		252