From f0e5e90c107c211d0d112d23db11ce7f8315c321 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 13 Jul 2021 00:57:33 +0200 Subject: [PATCH] services: use wildcard certificate Should have done this a long time ago --- hosts/poseidon/default.nix | 4 ---- secrets/default.nix | 1 + secrets/gandi-api-key.secret | Bin 0 -> 63 bytes services/bitwarden_rs.nix | 2 +- services/gitea/default.nix | 2 +- services/jellyfin.nix | 2 +- services/lohr.nix | 2 +- services/matrix.nix | 8 ++++---- services/miniflux.nix | 2 +- services/monitoring.nix | 9 +++++---- services/nextcloud.nix | 2 +- services/nginx.nix | 20 +++++++++++++++++++- services/paperless.nix | 2 +- services/transmission.nix | 2 +- 14 files changed, 37 insertions(+), 21 deletions(-) create mode 100644 secrets/gandi-api-key.secret diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix index 059126c..40d6562 100644 --- a/hosts/poseidon/default.nix +++ b/hosts/poseidon/default.nix @@ -108,7 +108,6 @@ in monitoring = { enable = true; - useACME = true; domain = "monitoring.${config.networking.domain}"; }; @@ -157,9 +156,6 @@ in }; }; - security.acme.acceptTerms = true; - security.acme.email = "antoine97.martin@gmail.com"; - # Enable the OpenSSH daemon. services.openssh.enable = true; services.openssh.permitRootLogin = "no"; diff --git a/secrets/default.nix b/secrets/default.nix index 6a0a042..9df6f72 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -14,6 +14,7 @@ with lib; nextcloud-admin-pass = lib.fileContents ./nextcloud-admin-pass.secret; nextcloud-admin-user = lib.fileContents ./nextcloud-admin-user.secret; lohr-shared-secret = lib.fileContents ./lohr-shared-secret.secret; + gandiKey = lib.fileContents ./gandi-api-key.secret; borg-backup = import ./borg-backup { inherit lib; }; diff --git a/secrets/gandi-api-key.secret b/secrets/gandi-api-key.secret new file mode 100644 index 0000000000000000000000000000000000000000..06a9edabb961c3ea440cefc74e7bb645885d12ca GIT binary patch literal 63 zcmV-F0KoqMM@dveQdv+`0Pya0WBT>|V<^;pO&_