nixos/services/acme.nix

{ options, config, lib, pkgs, ... }:

with builtins;
with lib;

let
  fn = import (../. + (toPath "/fn.nix")) { inherit lib; };
  cfg = config.machine;
in mkIf (elem "acme" cfg.services) {
  security.acme = {
    # see https://letsencrypt.org/repository/
    acceptTerms = true;
    email = fn.fileContentsOr
      (toPath "${cfg.secretPath}/acme.mailAddr")
      "${(elemAt cfg.mailAccounts 0).name}@${cfg.domain}";
  };
}
LetsEncrypt acme now requires an email and accepting their TOS. 2020-03-11 01:53:04 +01:00			`{ options, config, lib, pkgs, ... }:`

			`with builtins;`
			`with lib;`

			`let`
			`fn = import (../. + (toPath "/fn.nix")) { inherit lib; };`
			`cfg = config.machine;`
			`in mkIf (elem "acme" cfg.services) {`
			`security.acme = {`
			`# see https://letsencrypt.org/repository/`
			`acceptTerms = true;`
			`email = fn.fileContentsOr`
			`(toPath "${cfg.secretPath}/acme.mailAddr")`
			`"${(elemAt cfg.mailAccounts 0).name}@${cfg.domain}";`
			`};`
			`}`