summary refs log tree commit diff stats
path: root/system/services/taskserver/default.nix
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--system/services/taskserver/default.nix28
1 files changed, 27 insertions, 1 deletions
diff --git a/system/services/taskserver/default.nix b/system/services/taskserver/default.nix
index 1b0d29d..33416e6 100644
--- a/system/services/taskserver/default.nix
+++ b/system/services/taskserver/default.nix
@@ -1,6 +1,14 @@
-{...}: {
+{...}: let
+  taskStore = "/var/lib/taskserver";
+in {
   services.taskserver = {
     enable = true;
+    config = {
+      server = {
+        cert = "${taskStore}/fullchain.pem";
+        key = "${taskStore}/privkey.pem";
+      };
+    };
     pki.auto = {
       expiration = {
         server = 365;
@@ -16,4 +24,22 @@
     fqdn = "taskserver.vhack.eu";
     listenHost = "taskserver.vhack.eu";
   };
+  security.acme.certs.taskserver = {
+    domain = "taskserver.vhack.eu";
+    postRun =
+      /*
+      bash
+      */
+      ''
+        set -x
+        rm "${taskStore}/key.pem"
+        rm "${taskStore}/fullchain.pem"
+
+        cp key.pem "${taskStore}";
+        cp fullchain.pem "${taskStore}";
+
+        chown taskd:taskd "${taskStore}/key.pem"
+        chown taskd:taskd "${taskStore}/fullchain.pem"
+      '';
+  };
 }