nixos-config/mastus/letsencrypt.nix

{ config, pkgs, ... }:

{
  systemd.services.letsencrypt = {
    path = [ pkgs.simp_le ];

    restartIfChanged = false;
    serviceConfig = {
      Type = "oneshot";
    };

    script = ''
      mkdir -p /etc/sslcerts/acmeroot
      cd /etc/sslcerts

      simp_le \
        -d git.gebner.org \
        -d mail.gebner.org \
        --default_root $PWD/acmeroot \
        -f account_key.json -f fullchain.pem -f key.pem \
        --email gebner@gebner.org

      cp key.pem key-dovecot.pem
      chown dovecot2 key-dovecot.pem
    '';

    startAt = "04:00";
  };
}
letsencrypt 2015-12-05 13:41:20 +01:00			`{ config, pkgs, ... }:`

			`{`
			`systemd.services.letsencrypt = {`
			`path = [ pkgs.simp_le ];`

			`restartIfChanged = false;`
			`serviceConfig = {`
			`Type = "oneshot";`
			`};`

			`script = ''`
			`mkdir -p /etc/sslcerts/acmeroot`
			`cd /etc/sslcerts`

Fix simp_le. 2016-03-04 16:14:06 +01:00			`simp_le \`
			`-d git.gebner.org \`
			`-d mail.gebner.org \`
			`--default_root $PWD/acmeroot \`
			`-f account_key.json -f fullchain.pem -f key.pem \`
			`--email gebner@gebner.org`
simp_le: update dovecot key. 2016-03-04 16:16:55 +01:00
			`cp key.pem key-dovecot.pem`
			`chown dovecot2 key-dovecot.pem`
letsencrypt 2015-12-05 13:41:20 +01:00			`'';`

			`startAt = "04:00";`
			`};`
			`}`