genebean/dots
1
0
Fork 0
mirror of https://github.com/genebean/dots.git synced 2026-03-27 01:17:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #520 from genebean/cert_usage

Browse source 
Make sure mosquitto uses updated cert
This commit is contained in:
Gene Liverman 2025-06-12 11:13:24 -04:00 committed by GitHub
commit fb1bdb028f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 7 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
modules/hosts/nixos/hetznix01/post-install/mosquitto.nix
View file

@ -1,4 +1,8 @@
{ config, ... }: {
{ config, ... }: let
mqtt_domain = "mqtt.technicalissues.us";
in {
security.acme.certs.${mqtt_domain}.postRun = "systemctl restart ${config.systemd.services.mosquitto.name}";
services.mosquitto = {
enable = true;
bridges = {
@ -83,7 +87,7 @@
port = 8883;
users = mqtt_users;
settings = let
certDir = config.security.acme.certs."mqtt.technicalissues.us".directory;
certDir = config.security.acme.certs."${mqtt_domain}".directory;
in {
allow_anonymous = false;
keyfile = certDir + "/key.pem";
@ -95,7 +99,7 @@
port = 9001;
users = mqtt_users;
settings = let
certDir = config.security.acme.certs."mqtt.technicalissues.us".directory;
certDir = config.security.acme.certs."${mqtt_domain}".directory;
in {
allow_anonymous = false;
keyfile = certDir + "/key.pem";