hosts/atlas+p-body: use cloudflare dns for acme

author: seth <[email protected]> 2023-08-03 03:31:35 -0400
committer: seth <[email protected]> 2023-08-03 03:33:16 -0400
commit: 527cea875ab37a7469975cd09906f424b988175c (patch)
tree: 87bb66dbc454cd2ac2657e3216af34d2c3e01062 /hosts
parent: 234801e89d681c2206ac17f00707ed76ea7bf725 (diff)
2 files changed, 7 insertions, 6 deletions
diff --git a/hosts/atlas/nginx.nix b/hosts/atlas/nginx.nix
index b6b2fe7..1e2a349 100644
--- a/hosts/atlas/nginx.nix
+++ b/hosts/atlas/nginx.nix
@@ -1,9 +1,14 @@
 {config, ...}: {
+  getchoo.server.acme.enable = true;
   networking.firewall.allowedTCPPorts = [443];
 
   security.acme = {
     acceptTerms = true;
-    defaults.email = "[email protected]";
+    defaults = {
+      email = "[email protected]";
+      dnsProvider = "cloudflare";
+      credentialsFile = config.age.secrets.cloudflareApiKey.path;
+    };
   };
 
   services.nginx = {
diff --git a/hosts/p-body/nginx.nix b/hosts/p-body/nginx.nix
index 3390f89..b2dae30 100644
--- a/hosts/p-body/nginx.nix
+++ b/hosts/p-body/nginx.nix
@@ -1,13 +1,9 @@
 {config, ...}: let
   inherit (config.networking) domain;
 in {
+  getchoo.server.acme.enable = true;
   networking.firewall.allowedTCPPorts = [443];
 
-  security.acme = {
-    acceptTerms = true;
-    defaults.email = "[email protected]";
-  };
-
   services.nginx = {
     enable = true;
author	seth <[email protected]>	2023-08-03 03:31:35 -0400
committer	seth <[email protected]>	2023-08-03 03:33:16 -0400
commit	527cea875ab37a7469975cd09906f424b988175c (patch)
tree	87bb66dbc454cd2ac2657e3216af34d2c3e01062 /hosts
parent	234801e89d681c2206ac17f00707ed76ea7bf725 (diff)