rpqt/flocon
rpqt/flocon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

remove agenix and migrate secrets to clan vars

Browse source 
squash this
This commit is contained in:
Romain Paquet 2025-07-18 00:10:29 +02:00
parent b91a52da5e
commit 8b3841a87f
18 changed files with 96 additions and 165 deletions
Download patch file Download diff file Expand all files Collapse all files

12
machines/genepi/acme.nix
View file

@ -1,21 +1,25 @@
{ config, ... }:
{
imports = [
../../modules/gandi.nix
];
security.acme = {
acceptTerms = true;
defaults.email = "admin@rpqt.fr";
};
age.secrets.gandi.file = ../../secrets/gandi.age;
security.acme = {
certs."home.rpqt.fr" = {
group = config.services.nginx.group;
domain = "home.rpqt.fr";
extraDomainNames = [ "*.home.rpqt.fr" ];
dnsProvider = "gandiv5";
dnsPropagationCheck = true;
environmentFile = config.age.secrets.gandi.path;
environmentFile = config.clan.core.vars.generators.gandi.files.gandi-env.path;
email = "admin@rpqt.fr";
};
};
clan.core.vars.generators.gandi.files.gandi-env.owner = "acme";
}