Make sure mosquitto uses updated cert

2026-03-27 09:27:44 -04:00 · 2025-06-12 11:12:50 -04:00 · 2025-06-12 11:12:50 -04:00 · ac1e65d4d6
commit ac1e65d4d6
parent 1c98a56bf2
1 changed files with 7 additions and 3 deletions
--- a/modules/hosts/nixos/hetznix01/post-install/mosquitto.nix
+++ b/modules/hosts/nixos/hetznix01/post-install/mosquitto.nix
@ -1,4 +1,8 @@
-{ config, ... }: {
+{ config, ... }: let
+  mqtt_domain = "mqtt.technicalissues.us";
+in {
+  security.acme.certs.${mqtt_domain}.postRun = "systemctl restart ${config.systemd.services.mosquitto.name}";
+
  services.mosquitto = {
    enable = true;
    bridges = {
@ -83,7 +87,7 @@
        port = 8883;
        users = mqtt_users;
        settings = let
-          certDir = config.security.acme.certs."mqtt.technicalissues.us".directory;
+          certDir = config.security.acme.certs."${mqtt_domain}".directory;
        in {
          allow_anonymous = false;
          keyfile = certDir + "/key.pem";
@ -95,7 +99,7 @@
        port = 9001;
        users = mqtt_users;
        settings = let
-          certDir = config.security.acme.certs."mqtt.technicalissues.us".directory;
+          certDir = config.security.acme.certs."${mqtt_domain}".directory;
        in {
          allow_anonymous = false;
          keyfile = certDir + "/key.pem";