authoredanaher <github@edanaher.net>2017-04-11 12:28:05 -0400
committerFranz Pletz <fpletz@fnordicwalking.de>2017-04-11 18:28:05 +0200
commite3559c23c2c0c721627b60dae34c6de1ab685570 (patch)
tree218adef619d52ef08fb0cc54b461d01205961533 /nixos
parent54fff9ec1a9e7425926eadffada0268351536926 (diff)
acme: Add "domain" option to separate domain from name
Fixes #24731.
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/security/acme.nix9
1 files changed, 8 insertions, 1 deletions
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix
index ada198e0e586..5301ac14805d 100644
--- a/nixos/modules/security/acme.nix
+++ b/nixos/modules/security/acme.nix
@@ -19,6 +19,12 @@ let
'';
};
+ domain = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = "Domain to fetch certificate for (defaults to the entry name)";
+ };
+
email = mkOption {
type = types.nullOr types.str;
default = null;
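Review bot: The new `domain` option accepts any string, and the second hunk passes it unchanged to the client as the `-d` argument, where the `extraDomains` line shows that `-d` also takes a `name:root` form. A value containing `:` or whitespace, or an empty string, would therefore presumably be read as something other than a plain host name instead of being rejected at evaluation time. Consider narrowing the type, for example `type = types.nullOr (types.strMatching "[A-Za-z0-9.-]+");`, provided the lib in this tree has `strMatching`; the pattern is a sketch to adapt. The surrounding option set starts and ends outside the hunk.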
@@ -157,9 +163,10 @@ in
servicesLists = mapAttrsToList certToServices cfg.certs;
certToServices = cert: data:
let
+ domain = if data.domain != null then data.domain else cert;
cpath = "${cfg.directory}/${cert}";
rights = if data.allowKeysForGroup then "750" else "700";
- cmdline = [ "-v" "-d" cert "--default_root" data.webroot "--valid_min" cfg.validMin ]
+ cmdline = [ "-v" "-d" domain "--default_root" data.webroot "--valid_min" cfg.validMin ]
++ optionals (data.email != null) [ "--email" data.email ]
++ concatMap (p: [ "-f" p ]) data.plugins
++ concatLists (mapAttrsToList (name: root: [ "-d" (if root == null then name else "${name}:${root}")]) data.extraDomains);
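Review bot: `cpath`, on the line after the new `domain` binding, is still built from `cert`, so the files stay under the entry name while the certificate is requested for `domain`, and the option description does not say so. A comment above the binding such as `# files stay under the entry name; only the requested domain changes`, plus a sentence in the description, would stop consumers from looking for a `${cfg.directory}/${domain}` path. Nothing visible here prevents two entries from naming the same domain, which would request the same certificate twice; documenting or asserting against that would help. `certToServices` continues outside the hunk.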