service/acme: split from nginx

2025-10-31 01:32:11 +01:00 · 2025-01-22 00:48:12 +01:00 · 2025-01-22 00:48:12 +01:00 · bd2da85ef0
commit bd2da85ef0
parent 0314eeabd6
5 changed files with 45 additions and 25 deletions
--- a/modules/services/nginx/default.nix
+++ b/modules/services/nginx/default.nix
@ -448,24 +448,5 @@ in
    ];
    # Nginx needs to be able to read the certificates
    users.users.nginx.extraGroups = [ "acme" ];
-    security.acme = {
-      defaults.email = "server@buehler.rocks";
-      # this is specially needed for inwx and does not work without it
-      defaults.dnsResolver = "ns.inwx.de";
-      acceptTerms = true;
-      # Use DNS wildcard certificate
-      certs =
-        let
-          inherit (config.networking) domain;
-        in
-        with pkgs;
-        {
-          "${domain}" = {
-            extraDomainNames = [ "*.${domain}" ];
-            dnsProvider = "inwx";
-            inherit (cfg.acme) credentialsFile;
-          };
-        };
-    };
  };
 }