diff options
author | sils <sils@sils.li> | 2023-03-20 15:43:05 +0100 |
---|---|---|
committer | sils <sils@sils.li> | 2023-03-20 15:43:05 +0100 |
commit | ab3c9aa228ecaf79fae5cc1d2bdcb84f2e12951e (patch) | |
tree | dd0c140a0315e83cf881f1fda1321af02f35711d | |
parent | Revert "Fix(system/mail): Change placeholder" (diff) | |
download | nixos-server-ab3c9aa228ecaf79fae5cc1d2bdcb84f2e12951e.tar.gz nixos-server-ab3c9aa228ecaf79fae5cc1d2bdcb84f2e12951e.zip |
Fix(acme): Store certs permanently.
Before, new certs were requested at every rebuild. This caused issues due to letsencrypt ratelimiting.
-rw-r--r-- | system/file_system_layouts/default.nix | 4 | ||||
-rw-r--r-- | system/mail/default.nix | 1 |
2 files changed, 4 insertions, 1 deletions
diff --git a/system/file_system_layouts/default.nix b/system/file_system_layouts/default.nix index 9d03a05..31b0b0b 100644 --- a/system/file_system_layouts/default.nix +++ b/system/file_system_layouts/default.nix @@ -40,6 +40,10 @@ in { device = "/srv/nix-config"; options = ["bind"]; }; + "/var/lib/acme" = { + device = "/srv/acme"; + options = ["bind"]; + }; }; }; } diff --git a/system/mail/default.nix b/system/mail/default.nix index 7102958..d2fd55c 100644 --- a/system/mail/default.nix +++ b/system/mail/default.nix @@ -47,5 +47,4 @@ in { keyFile = "/var/lib/acme/server1.vhack.eu/key.pem"; certificateScheme = 1; certificateFile = "/var/lib/acme/server1.vhack.eu/fullchain.pem"; - } |