From dcfdd87899bd8176342c77ae0c9f9e44a2999489 Mon Sep 17 00:00:00 2001 From: Astro Date: Mon, 27 Sep 2021 22:27:36 +0200 Subject: [PATCH] DRY security.acme --- hosts/containers/hydra/default.nix | 4 ---- hosts/containers/kibana/default.nix | 4 ---- hosts/containers/matemat/default.nix | 5 ----- hosts/containers/mobilizon/default.nix | 4 ---- hosts/containers/scrape/default.nix | 4 ---- hosts/containers/stream/default.nix | 5 ----- hosts/pulsebert/default.nix | 5 ----- hosts/radiobert/default.nix | 4 ---- lib/default.nix | 13 +++++++++++++ 9 files changed, 13 insertions(+), 35 deletions(-) diff --git a/hosts/containers/hydra/default.nix b/hosts/containers/hydra/default.nix index 53cd8a55..6408e7c9 100644 --- a/hosts/containers/hydra/default.nix +++ b/hosts/containers/hydra/default.nix @@ -13,10 +13,6 @@ nixpkgs.config.allowUnfree = true; - security.acme = { - email = "mail@c3d2.de"; - acceptTerms = true; - }; security.pam.enableSSHAgentAuth = true; services.openssh = { diff --git a/hosts/containers/kibana/default.nix b/hosts/containers/kibana/default.nix index 38ab53ae..3e1c6a92 100644 --- a/hosts/containers/kibana/default.nix +++ b/hosts/containers/kibana/default.nix @@ -26,10 +26,6 @@ package = pkgs.kibana7; }; - security.acme = { - acceptTerms = true; - email = "mail@c3d2.de"; - }; services.nginx = let authFile = pkgs.writeText "htpasswd" "k-ot:sawCOTsl/fIUY"; vhost = url: { diff --git a/hosts/containers/matemat/default.nix b/hosts/containers/matemat/default.nix index d844167a..8b7d69a2 100644 --- a/hosts/containers/matemat/default.nix +++ b/hosts/containers/matemat/default.nix @@ -45,9 +45,4 @@ hostname = "matemat.hq.c3d2.de"; }; }; - - security.acme = { - acceptTerms = true; - email = "mail@c3d2.de"; - }; } diff --git a/hosts/containers/mobilizon/default.nix b/hosts/containers/mobilizon/default.nix index 2cb3e6f9..c225e174 100644 --- a/hosts/containers/mobilizon/default.nix +++ b/hosts/containers/mobilizon/default.nix @@ -49,8 +49,4 @@ locations."/".proxyPass = "http://localhost:4000"; }; }; - security.acme = { - acceptTerms = true; - email = "mail@c3d2.de"; - }; } diff --git a/hosts/containers/scrape/default.nix b/hosts/containers/scrape/default.nix index a14786b7..ee737163 100644 --- a/hosts/containers/scrape/default.nix +++ b/hosts/containers/scrape/default.nix @@ -40,10 +40,6 @@ in { root = config.users.users.scrape.home; }; }; - security.acme = { - acceptTerms = true; - email = "mail@c3d2.de"; - }; networking.firewall.allowedTCPPorts = [ 80 443 ]; systemd.services = let diff --git a/hosts/containers/stream/default.nix b/hosts/containers/stream/default.nix index 45377c5d..6e7ed40b 100644 --- a/hosts/containers/stream/default.nix +++ b/hosts/containers/stream/default.nix @@ -47,9 +47,4 @@ in }; }; }; - - security.acme = { - acceptTerms = true; - email = "mail@c3d2.de"; - }; } diff --git a/hosts/pulsebert/default.nix b/hosts/pulsebert/default.nix index 1575fbd6..7ec992f8 100644 --- a/hosts/pulsebert/default.nix +++ b/hosts/pulsebert/default.nix @@ -135,11 +135,6 @@ in }; }; - security.acme = { - acceptTerms = true; - email = "mail@c3d2.de"; - }; - services.nginx = { enable = true; #recommendedGzipSettings = true; diff --git a/hosts/radiobert/default.nix b/hosts/radiobert/default.nix index 52cd9e92..b8a1006b 100644 --- a/hosts/radiobert/default.nix +++ b/hosts/radiobert/default.nix @@ -149,10 +149,6 @@ }; }; }; - security.acme = { - acceptTerms = true; - email = "mail@c3d2.de"; - }; # Allow access to USB services.udev.extraRules = '' diff --git a/lib/default.nix b/lib/default.nix index 8d46a5d1..f356301f 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -60,6 +60,14 @@ in { ''; }; + acmeEmail = mkOption { + type = str; + default = "mail@c3d2.de"; + description = '' + Admin email address to use for Letsencrypt + ''; + }; + hq = { /* externalInterface = mkOption { @@ -258,6 +266,11 @@ in { rebootTime = "15s"; }; + # Defaults for LetsEncrypt + security.acme = { + acceptTerms = true; + email = cfg.acmeEmail; + }; }; meta.maintainers = with lib.maintainers; [ ehmry ];