genebean/dots
1
0
Fork 0
mirror of https://github.com/genebean/dots.git synced 2026-03-27 09:27:44 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Make sure mosquitto uses updated cert

Browse source
This commit is contained in:
Gene Liverman 2025-06-12 11:12:50 -04:00
parent 1c98a56bf2
commit ac1e65d4d6
1 changed files with 7 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
modules/hosts/nixos/hetznix01/post-install/mosquitto.nix
View file

@ -1,4 +1,8 @@
{ config, ... }: { { config, ... }: let
mqtt_domain = "mqtt.technicalissues.us";
in {
security.acme.certs.${mqtt_domain}.postRun = "systemctl restart ${config.systemd.services.mosquitto.name}";
services.mosquitto = { services.mosquitto = {
enable = true; enable = true;
bridges = { bridges = {
@ -83,7 +87,7 @@
port = 8883; port = 8883;
users = mqtt_users; users = mqtt_users;
settings = let settings = let
certDir = config.security.acme.certs."mqtt.technicalissues.us".directory; certDir = config.security.acme.certs."${mqtt_domain}".directory;
in { in {
allow_anonymous = false; allow_anonymous = false;
keyfile = certDir + "/key.pem"; keyfile = certDir + "/key.pem";
@ -95,7 +99,7 @@
port = 9001; port = 9001;
users = mqtt_users; users = mqtt_users;
settings = let settings = let
certDir = config.security.acme.certs."mqtt.technicalissues.us".directory; certDir = config.security.acme.certs."${mqtt_domain}".directory;
in { in {
allow_anonymous = false; allow_anonymous = false;
keyfile = certDir + "/key.pem"; keyfile = certDir + "/key.pem";