diff options
author | datafoo <34766150+datafoo@users.noreply.github.com> | 2023-07-21 16:01:48 +0200 |
---|---|---|
committer | Anderson Torres <torres.anderson.85@protonmail.com> | 2023-09-11 16:34:20 +0000 |
commit | ade414b6c7b9b5fe5cf69d4a1508973f7f4787f0 (patch) | |
tree | 793e94cb5627f74fb6bf50d98c2f60d67b278aa4 /nixos/modules | |
parent | 5f105f87787b15a4f7179b6414b9fbe4063e34da (diff) |
nixos/acme: rename option credentialsFile to environmentFile
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/security/acme/default.md | 4 | ||||
-rw-r--r-- | nixos/modules/security/acme/default.nix | 12 |
2 files changed, 10 insertions, 6 deletions
diff --git a/nixos/modules/security/acme/default.md b/nixos/modules/security/acme/default.md index 8ff97b55f6856..31548ad181a73 100644 --- a/nixos/modules/security/acme/default.md +++ b/nixos/modules/security/acme/default.md @@ -189,7 +189,7 @@ security.acme.defaults.email = "admin+acme@example.com"; security.acme.certs."example.com" = { domain = "*.example.com"; dnsProvider = "rfc2136"; - credentialsFile = "/var/lib/secrets/certs.secret"; + environmentFile = "/var/lib/secrets/certs.secret"; # We don't need to wait for propagation since this is a local DNS server dnsPropagationCheck = false; }; @@ -256,7 +256,7 @@ security.acme.acceptTerms = true; security.acme.defaults.email = "admin+acme@example.com"; security.acme.defaults = { dnsProvider = "rfc2136"; - credentialsFile = "/var/lib/secrets/certs.secret"; + environmentFile = "/var/lib/secrets/certs.secret"; # We don't need to wait for propagation since this is a local DNS server dnsPropagationCheck = false; }; diff --git a/nixos/modules/security/acme/default.nix b/nixos/modules/security/acme/default.nix index 94fd77b23bb64..92bed172f4522 100644 --- a/nixos/modules/security/acme/default.nix +++ b/nixos/modules/security/acme/default.nix @@ -362,8 +362,8 @@ let "/var/lib/acme/.lego/${cert}/${certDir}:/tmp/certificates" ]; - # Only try loading the credentialsFile if the dns challenge is enabled - EnvironmentFile = mkIf useDns data.credentialsFile; + # Only try loading the environmentFile if the dns challenge is enabled + EnvironmentFile = mkIf useDns data.environmentFile; Environment = mkIf useDns (mapAttrsToList (k: v: ''"${k}=%d/${k}"'') data.credentialFiles); @@ -502,6 +502,10 @@ let defaultText = if isDefaults then default else literalExpression "config.security.acme.defaults.${name}"; }; in { + imports = [ + (mkRenamedOptionModule [ "credentialsFile" ] [ "environmentFile" ]) + ]; + options = { validMinDays = mkOption { type = types.int; @@ -613,9 +617,9 @@ let ''; }; - credentialsFile = mkOption { + environmentFile = mkOption { type = types.nullOr types.path; - inherit (defaultAndText "credentialsFile" null) default defaultText; + inherit (defaultAndText "environmentFile" null) default defaultText; description = lib.mdDoc '' Path to an EnvironmentFile for the cert's service containing any required and optional environment variables for your selected dnsProvider. |