nixcloud.TLS default email

Question

nixcloud.TLS default email

Closed this issue 6 years ago · 4 comments

It would be nice if there was a way to specify a global default email in addition to the per-cert ones

Answer 1 · 2018-08-30T09:11:26.000Z

so according to the documentation: https://github.com/nixcloud/nixcloud-webservices/blob/master/documentation/nixcloud.TLS.md

we have this syntax:

nixcloud.TLS.certs = {
  "example.com-ACME" = {
    domain = "example.com";
    mode = "ACME";
    email = "foo@example.com";
    reload = [ "postifx.service" "myservice.service" ];
  };
  "example.com-selfsigned" = {
    domain = "example.com";
    mode = "selfsigned";
    email = "foo@example.com";
  };
  "example.com-usersupplied" = {
    domain = "example.com";
    mode = {
      tls_certificate="/root/.tls/fullchain.pem";
      tls_certificate_key="/root/.tls/key.pem";
    };
    email = "foo@example.com";
  };
};

and you propose this:

nixcloud.TLS = {
  email = "foo@example.com";
  certs = {
    "example.com-ACME" = {
      domain = "example.com";
      mode = "ACME";
      reload = [ "postifx.service" "myservice.service" ];
    };
    "example.com-selfsigned" = {
      domain = "example.com";
      mode = "selfsigned";
    };
    "example.com-usersupplied" = {
      domain = "example.com";
      mode = {
        tls_certificate="/root/.tls/fullchain.pem";
        tls_certificate_key="/root/.tls/key.pem";
      };
    };
  };
};

if you really want that, we can implement that. wouldn't be much work.

Answer 2 · 2018-08-31T10:31:02.000Z

more complicated than expected...

Answer 3 · 2018-08-31T10:56:00.000Z

implemented in 6c61dc1

Answer 4 · 2018-09-05T16:26:00.000Z

Thanks again!