24 lines
593 B
Nix
24 lines
593 B
Nix
{
|
|
pkgs,
|
|
config,
|
|
lib,
|
|
...
|
|
}: {
|
|
options.services.nginx.domain = lib.mkOption {
|
|
type = lib.types.str;
|
|
description = "The base domain name to append to virtual domain names";
|
|
};
|
|
|
|
config = {
|
|
# Don't attempt to run acme if the domain name is not tlater.net
|
|
systemd.services = let
|
|
confirm = ''[[ "tlater.net" = ${config.services.nginx.domain} ]]'';
|
|
in
|
|
lib.mapAttrs' (cert: _:
|
|
lib.nameValuePair "acme-${cert}" {
|
|
serviceConfig.ExecCondition = ''${pkgs.runtimeShell} -c '${confirm}' '';
|
|
})
|
|
config.security.acme.certs;
|
|
};
|
|
}
|