nixos-config/mastus/letsencrypt.nix

22 lines
426 B
Nix

{ config, pkgs, ... }:
{
systemd.services.letsencrypt = {
path = [ pkgs.simp_le ];
restartIfChanged = false;
serviceConfig = {
Type = "oneshot";
};
script = ''
mkdir -p /etc/sslcerts/acmeroot
cd /etc/sslcerts
simp_le -d git.gebner.org -d mail.gebner.org --default_root $PWD/acmeroot -f fullchain.pem -f key.pem --email gebner@gebner.org
'';
startAt = "04:00";
};
}