diff options
-rw-r--r-- | system/services/taskserver/default.nix | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/system/services/taskserver/default.nix b/system/services/taskserver/default.nix index 1b0d29d..33416e6 100644 --- a/system/services/taskserver/default.nix +++ b/system/services/taskserver/default.nix @@ -1,6 +1,14 @@ -{...}: { +{...}: let + taskStore = "/var/lib/taskserver"; +in { services.taskserver = { enable = true; + config = { + server = { + cert = "${taskStore}/fullchain.pem"; + key = "${taskStore}/privkey.pem"; + }; + }; pki.auto = { expiration = { server = 365; @@ -16,4 +24,22 @@ fqdn = "taskserver.vhack.eu"; listenHost = "taskserver.vhack.eu"; }; + security.acme.certs.taskserver = { + domain = "taskserver.vhack.eu"; + postRun = + /* + bash + */ + '' + set -x + rm "${taskStore}/key.pem" + rm "${taskStore}/fullchain.pem" + + cp key.pem "${taskStore}"; + cp fullchain.pem "${taskStore}"; + + chown taskd:taskd "${taskStore}/key.pem" + chown taskd:taskd "${taskStore}/fullchain.pem" + ''; + }; } |