modules/nixos+darwin: make everything an actual module again

author: seth <[email protected]> 2024-02-02 14:40:21 -0500
committer: seth <[email protected]> 2024-02-02 14:40:21 -0500
commit: 9758b8236dcaafb958e6ef4f634d201af0bea80b (patch)
tree: 5c5e2ad317d6bef10a26487c5aa2e7887e18f68c /modules/nixos/server/acme.nix
parent: b405f4750738a0850cf220f7bade601a8c6355b5 (diff)
1 files changed, 17 insertions, 10 deletions
diff --git a/modules/nixos/server/acme.nix b/modules/nixos/server/acme.nix
index edb499c..a08c8ae 100644
--- a/modules/nixos/server/acme.nix
+++ b/modules/nixos/server/acme.nix
@@ -1,18 +1,25 @@
 {
   config,
+  lib,
   secretsDir,
   ...
-}: {
-  age.secrets = {
-    cloudflareApiKey.file = secretsDir + "/cloudflareApiKey.age";
-  };
+}: let
+  cfg = config.server.acme;
+in {
+  options.server.acme.enable = lib.mkEnableOption "ACME support";
+
+  config = lib.mkIf cfg.enable {
+    age.secrets = {
+      cloudflareApiKey.file = secretsDir + "/cloudflareApiKey.age";
+    };
 
-  security.acme = {
-    acceptTerms = true;
-    defaults = {
-      email = "[email protected]";
-      dnsProvider = "cloudflare";
-      credentialsFile = config.age.secrets.cloudflareApiKey.path;
+    security.acme = {
+      acceptTerms = true;
+      defaults = {
+        email = "[email protected]";
+        dnsProvider = "cloudflare";
+        credentialsFile = config.age.secrets.cloudflareApiKey.path;
+      };
     };
   };
 }
author	seth <[email protected]>	2024-02-02 14:40:21 -0500
committer	seth <[email protected]>	2024-02-02 14:40:21 -0500
commit	9758b8236dcaafb958e6ef4f634d201af0bea80b (patch)
tree	5c5e2ad317d6bef10a26487c5aa2e7887e18f68c /modules/nixos/server/acme.nix
parent	b405f4750738a0850cf220f7bade601a8c6355b5 (diff)