nixfiles/hosts/hetzner-vm/services/mailserver/ssl.nix

{ pkgs, ... }:
let
  mail_config = (import ./config.nix { });
  acmeRoot = "/var/lib/acme/acme-challenge";

in {
  services.nginx = {
    enable = true;
    virtualHosts."${mail_config.fqdn}" = {
      serverName = mail_config.fqdn;
      serverAliases = mail_config.domains;
      forceSSL = true;
      enableACME = true;
      acmeRoot = acmeRoot;
    };
  };

  security.acme.certs."${mail_config.fqdn}" = {
    reloadServices = [ "postfix.service" "dovecot2.service" ];
  };
}
start mailserver work 2022-06-22 15:51:22 +01:00			`{ pkgs, ... }:`
shenanigan (at least one (1)) 2022-07-27 16:47:49 +01:00			`let`
			`mail_config = (import ./config.nix { });`
start mailserver work 2022-06-22 15:51:22 +01:00			`acmeRoot = "/var/lib/acme/acme-challenge";`

			`in {`
			`services.nginx = {`
			`enable = true;`
			`virtualHosts."${mail_config.fqdn}" = {`
			`serverName = mail_config.fqdn;`
			`serverAliases = mail_config.domains;`
mail server 2022-06-22 18:05:02 +01:00			`forceSSL = true;`
start mailserver work 2022-06-22 15:51:22 +01:00			`enableACME = true;`
shenanigan (at least one (1)) 2022-07-27 16:47:49 +01:00			`acmeRoot = acmeRoot;`
start mailserver work 2022-06-22 15:51:22 +01:00			`};`
			`};`

			`security.acme.certs."${mail_config.fqdn}" = {`
			`reloadServices = [ "postfix.service" "dovecot2.service" ];`
			`};`
			`}`