diff options
Diffstat (limited to 'infra/libkookie/configuration/server/acme/hyperion.nix')
-rw-r--r-- | infra/libkookie/configuration/server/acme/hyperion.nix | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/infra/libkookie/configuration/server/acme/hyperion.nix b/infra/libkookie/configuration/server/acme/hyperion.nix new file mode 100644 index 000000000000..1f382bf3cce2 --- /dev/null +++ b/infra/libkookie/configuration/server/acme/hyperion.nix @@ -0,0 +1,33 @@ +{ config, ... }: + +{ + security.acme = { + email = "letsencrypt@spacekookie.de"; + acceptTerms = true; + }; + + # `hyperion.kookie.space` needs a cert for IRC + security.acme.certs."hyperion.kookie.space" = { + webroot = "/var/lib/acme/acme-challenge"; + group = "tls"; + }; + + # Other certificates on the spacekookie.de namespace + security.acme.certs."spacekookie.de" = { + webroot = "/var/lib/acme/acme-challenge"; + extraDomainNames = [ + "www.spacekookie.de" + + # Prosody related certificates + "xmpp.spacekookie.de" + "guest-xmpp.spacekookie.de" + "rooms.spacekookie.de" + + # Public dev tools + "git.spacekookie.de" + "dev.spacekookie.de" + "stream.spacekookie.de" + ]; + group = "tls"; + }; +} |