summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorsils <sils@sils.li>2023-03-20 15:43:05 +0100
committersils <sils@sils.li>2023-03-20 15:43:05 +0100
commitab3c9aa228ecaf79fae5cc1d2bdcb84f2e12951e (patch)
treedd0c140a0315e83cf881f1fda1321af02f35711d
parentRevert "Fix(system/mail): Change placeholder" (diff)
downloadnixos-server-ab3c9aa228ecaf79fae5cc1d2bdcb84f2e12951e.tar.gz
nixos-server-ab3c9aa228ecaf79fae5cc1d2bdcb84f2e12951e.zip
Fix(acme): Store certs permanently.
           Before, new certs were requested at every rebuild.
           This caused issues due to letsencrypt ratelimiting.
-rw-r--r--system/file_system_layouts/default.nix4
-rw-r--r--system/mail/default.nix1
2 files changed, 4 insertions, 1 deletions
diff --git a/system/file_system_layouts/default.nix b/system/file_system_layouts/default.nix
index 9d03a05..31b0b0b 100644
--- a/system/file_system_layouts/default.nix
+++ b/system/file_system_layouts/default.nix
@@ -40,6 +40,10 @@ in {
         device = "/srv/nix-config";
         options = ["bind"];
       };
+      "/var/lib/acme" = {
+        device = "/srv/acme";
+        options = ["bind"];
+      };
     };
   };
 }
diff --git a/system/mail/default.nix b/system/mail/default.nix
index 7102958..d2fd55c 100644
--- a/system/mail/default.nix
+++ b/system/mail/default.nix
@@ -47,5 +47,4 @@ in {
   keyFile = "/var/lib/acme/server1.vhack.eu/key.pem";
   certificateScheme = 1;
   certificateFile = "/var/lib/acme/server1.vhack.eu/fullchain.pem";
-
 }