Use DNS validation

2025-12-14 15:48:21 +01:00 · 2024-02-18 15:36:52 +03:00 · 2024-02-18 15:36:52 +03:00 · 4d4bdbefec
commit 4d4bdbefec
parent c96a0534aa
4 changed files with 32 additions and 6 deletions
--- a/hosts/vps1/configuration.nix
+++ b/hosts/vps1/configuration.nix
@ -95,6 +95,10 @@ in
      owner = config.users.users.akkoma.name;
      group = config.users.users.akkoma.group;
    };
+    secrets.porkbun = {
+      sopsFile = ../../secrets/porkbun.env;
+      format = "dotenv";
+    };
  };

  users.users.nginx.extraGroups = [ "acme" ];
@ -111,7 +115,7 @@ in
    };
    virtualHosts.${rootDomain} = {
      onlySSL = true;
-      enableACME = true;
+      useACMEHost = "${rootDomain}";
      root = "/var/www/todo";
    };
    virtualHosts.${gtnhDomain} = {
@ -140,11 +144,15 @@ in
    acceptTerms = true;
    defaults.email = "lgmrszd@disroot.org";
    certs.${rootDomain} = {
+      # domain = "*.${rootDomain}";
+      dnsProvider = "porkbun";
+      environmentFile = config.sops.secrets.porkbun.path;
      extraDomainNames = [
-        gtnhDomain
-        akkoDomain
-        iceDomain
-        discDomain
+        "*.${rootDomain}"
+      #   gtnhDomain
+      #   akkoDomain
+      #   iceDomain
+      #   discDomain
      ];
    };
  };