genebean/dots
1
0
Fork 0
mirror of https://github.com/genebean/dots.git synced 2026-03-27 01:17:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
dots/modules/shared/nixos/lets-encrypt.nix
Gene Liverman 9b3c078319
Add linting, formatting, and CI with fixes for all warnings 
Infrastructure:
- Add deadnix, nixfmt, and statix to flake inputs
- Add formatter output to flake for nix fmt support
- Add deadnix, nixfmt, statix to Home Manager packages
- Add GitHub Actions workflow for CI validation
- Add .pre-commit-config.yaml with hooks for nixfmt, deadnix, and statix
- Support x86_64-darwin in formatter

Statix fixes (W10/W20 warnings):
- Remove unused lambda argument from nixpkgs-settings.nix
- Merge repeated keys in hardware-configuration.nix files (boot.initrd, boot, fileSystems)
- Merge repeated keys in nixnuc/default.nix (services, virtualisation)
- Merge repeated keys in rainbow-planet/default.nix (desktopManager)
- Merge repeated keys in home/general/default.nix (home)

Deadnix fixes (unused declarations):
- Remove unused pkgs/lib/username/http_port arguments from various files
- Fix unused final parameter in overlay functions (final -> _final)

CI/pre-commit fixes:
- Fix pre-commit statix config: add pass_filenames: false
- Fix CI workflow: use nix run nixpkgs# prefix and --ci flag for nixfmt
2026-03-20 22:29:46 -04:00

28 lines
1,002 B
Nix
Raw Blame History

{ config, username, ... }:
{
##########################################################################
# #
# This module sets up Let's Encrypt certs via a DNS challenge to Gandi #
# #
##########################################################################
security.acme = {
acceptTerms = true;
defaults = {
email = "lets-encrypt@technicalissues.us";
credentialFiles = {
"GANDIV5_PERSONAL_ACCESS_TOKEN_FILE" = "${config.sops.secrets.gandi_dns_pat.path}";
};
dnsProvider = "gandiv5";
dnsResolver = "ns1.gandi.net";
# uncomment below for testing
#server = "https://acme-staging-v02.api.letsencrypt.org/directory";
};
};
sops = {
age.keyFile = "${config.users.users.${username}.home}/.config/sops/age/keys.txt";
secrets.gandi_dns_pat.sopsFile = ../secrets.yaml;
};
}
Reference in a new issue View git blame Copy permalink