diff options
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/security/acme.nix | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index 2815e2593b23..12ebc746f520 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -325,7 +325,8 @@ let # Working directory will be /tmp script = '' - set -euxo pipefail + ${optionalString data.enableDebugLogs "set -x"} + set -euo pipefail # This reimplements the expiration date check, but without querying # the acme server first. By doing this offline, we avoid errors @@ -438,6 +439,8 @@ let default = "_mkMergedOptionModule"; }; + enableDebugLogs = mkEnableOption "debug logging for this certificate" // { default = cfg.enableDebugLogs; }; + webroot = mkOption { type = types.nullOr types.str; default = null; @@ -616,6 +619,8 @@ in { options = { security.acme = { + enableDebugLogs = mkEnableOption "debug logging for all certificates by default" // { default = true; }; + validMinDays = mkOption { type = types.int; default = 30; |