nixfiles/modules/akne/default.nix

{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.clerie.akne;

in {
  options = {
    clerie.akne = {
      enable = mkEnableOption "Makes fun stuff with the nixos acme module.";
      selfSignedOnlyHostNames = mkOption {
        type = with types; listOf str;
        default = [];
        description = "List of hostnames for which the acme client gets disabled. This hostnames use the self-signed certs instead.";
      };
    };
  };

  config = {
    systemd.services = with lib; listToAttrs (
      flatten (
        map (
          name: [
            (
              nameValuePair "acme-${name}" {
                enable = false;
                wantedBy = mkForce [];
              }
            )
            (
              nameValuePair "acme-selfsigned-${name}" {
                wantedBy = [ "multi-user.target" ];
              }
            )
          ]
        ) cfg.selfSignedOnlyHostNames
      )
    );
    systemd.targets = with lib; listToAttrs (
      flatten (
        map (
          name: [
            (
              nameValuePair "acme-finished-${name}" {
                after = mkForce [ "acme-selfsigned-${name}.service" ];
                requires = mkForce [ "acme-selfsigned-${name}.service" ];
              }
            )
          ]
        ) cfg.selfSignedOnlyHostNames
      )
    );
  };
}
Add akne module for getting self signed certs with acme client 2021-05-15 18:48:38 +02:00			`{ config, lib, pkgs, ... }:`

			`with lib;`

			`let`
			`cfg = config.clerie.akne;`

			`in {`
			`options = {`
			`clerie.akne = {`
			`enable = mkEnableOption "Makes fun stuff with the nixos acme module.";`
modules/akne: Make akne work again and make the module usable 2022-09-28 21:08:20 +02:00			`selfSignedOnlyHostNames = mkOption {`
Add akne module for getting self signed certs with acme client 2021-05-15 18:48:38 +02:00			`type = with types; listOf str;`
modules/akne: Fix default value and tweak finished target 2022-09-28 22:07:41 +02:00			`default = [];`
Add akne module for getting self signed certs with acme client 2021-05-15 18:48:38 +02:00			`description = "List of hostnames for which the acme client gets disabled. This hostnames use the self-signed certs instead.";`
			`};`
			`};`
			`};`

			`config = {`
			`systemd.services = with lib; listToAttrs (`
			`flatten (`
			`map (`
			`name: [`
			`(`
			`nameValuePair "acme-${name}" {`
			`enable = false;`
			`wantedBy = mkForce [];`
			`}`
			`)`
			`(`
			`nameValuePair "acme-selfsigned-${name}" {`
			`wantedBy = [ "multi-user.target" ];`
			`}`
			`)`
			`]`
modules/akne: Make akne work again and make the module usable 2022-09-28 21:08:20 +02:00			`) cfg.selfSignedOnlyHostNames`
			`)`
			`);`
			`systemd.targets = with lib; listToAttrs (`
			`flatten (`
			`map (`
			`name: [`
			`(`
			`nameValuePair "acme-finished-${name}" {`
modules/akne: Fix default value and tweak finished target 2022-09-28 22:07:41 +02:00			`after = mkForce [ "acme-selfsigned-${name}.service" ];`
			`requires = mkForce [ "acme-selfsigned-${name}.service" ];`
modules/akne: Make akne work again and make the module usable 2022-09-28 21:08:20 +02:00			`}`
			`)`
			`]`
			`) cfg.selfSignedOnlyHostNames`
Add akne module for getting self signed certs with acme client 2021-05-15 18:48:38 +02:00			`)`
			`);`
			`};`
			`}`