akko akko uwu try 8

Signed-off-by: Xe <me@christine.website>
This commit is contained in:
Cadey Ratio 2022-11-04 17:34:14 -04:00
parent 95a91ad49d
commit 60f937de1f
2 changed files with 25 additions and 0 deletions

View File

@ -64,7 +64,25 @@ in {
services.postgresql.enable = true; services.postgresql.enable = true;
security.acme = {
defaults.email = "me@xeiaso.net";
agreeTerms = true;
certs."akko.within.website" = {
group = "nginx";
dnsProvider = "route53";
credentialsFile = "/run/keys/aws-within.website";
extraLegoFlags = [ "--dns.resolvers=8.8.8.8:53" ];
};
};
age.secrets = { age.secrets = {
"aws-within.website" = {
file = ../../secret/aws-within.website.age;
path = "/run/keys/aws-within.website";
owner = "acme";
group = "nginx";
};
akko-keyid = { akko-keyid = {
file = ../../secret/akko-keyid.age; file = ../../secret/akko-keyid.age;
path = "/var/lib/secrets/akkoma/b2_key_id"; path = "/var/lib/secrets/akkoma/b2_key_id";

View File

@ -12,6 +12,13 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM6NPbPIcCTzeEsjyx0goWyj6fr2qzcfKCCdOUqg0N/v cadey@kos-mos" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM6NPbPIcCTzeEsjyx0goWyj6fr2qzcfKCCdOUqg0N/v cadey@kos-mos"
]; ];
i18n.defaultLocale = "en_US.UTF-8";
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedUDPPorts = [ 80 443 ];
networking.firewall.trustedInterfaces = [ "tailscale0" ];
services.tailscale.enable = true;
security.acme.email = "me@xeiaso.net"; security.acme.email = "me@xeiaso.net";
security.acme.acceptTerms = true; security.acme.acceptTerms = true;