feat: update credentialsFile to credentialFiles in acme

2023-12-17 20:56:16 +01:00 · 2023-12-17 20:56:16 +01:00 · 6f1c20a718
commit 6f1c20a718
parent a53c4524bb
4 changed files with 22 additions and 3 deletions
--- a/hosts/sentinel/acme.nix
+++ b/hosts/sentinel/acme.nix
@ -1,8 +1,14 @@
 {config, ...}: let
  inherit (config.repo.secrets.local) acme;
 in {
-  age.secrets.acme-credentials = {
+  age.secrets.acme-cloudflare-dns-token = {
-    rekeyFile = ./secrets/acme-credentials.age;
+    rekeyFile = ./secrets/acme-cloudflare-dns-token.age;
    mode = "440";
    group = "acme";
  };
  age.secrets.acme-cloudflare-zone-token = {
    rekeyFile = ./secrets/acme-cloudflare-zone-token.age;
    mode = "440";
    group = "acme";
  };
@ -11,7 +17,10 @@ in {
    acceptTerms = true;
    defaults = {
      inherit (acme) email;
-      credentialsFile = config.age.secrets.acme-credentials.path;
+      credentialFiles = {
        CF_DNS_API_TOKEN_FILE = config.age.secrets.acme-cloudflare-dns-token.path;
        CF_ZONE_API_TOKEN_FILE = config.age.secrets.acme-cloudflare-zone-token.path;
      };
      dnsProvider = "cloudflare";
      dnsPropagationCheck = true;
      reloadServices = ["nginx"];
--- a/hosts/sentinel/secrets/acme-cloudflare-dns-token.age
+++ b/hosts/sentinel/secrets/acme-cloudflare-dns-token.age
--- a/hosts/sentinel/secrets/acme-cloudflare-zone-token.age
+++ b/hosts/sentinel/secrets/acme-cloudflare-zone-token.age
@ -0,0 +1,10 @@
 age-encryption.org/v1
 -> X25519 Y7J0KmGssDwytzJSMTKnb2qVfCBEl4nMiKeg4PDhbhM
 R+FV22jr0XcybGJk8Z2o40O5ptRK3NPgQOxJ7HlORho
 -> piv-p256 xqSe8Q AyC1XlhbGhbfUBn4gV56t48AazKi5Lt9H5BCOZqbTtOp
 s3mrvVrMZ/kTdUSjKyBWa5hUFL2fwL2xRo7UFF0AwP0
 -> Ao-grease vp@ m_b
 oV7D7L5dZtF75bJ6Ms0yZr92rENJmE4xKpdlBp4h40onYWv1Z17R2/bmygv5MD9+
 S7J25g3rxfk00fUOK8cwDcWyRtp4jQqcooJyrQ
 --- J/aXuudcbUAfU06R065fsvPTX2qZr0w0eZ9gI6I+McY
 vÂâ-##·¬=|Ú•˝-IÝR†·żÝn<§z´fÄ.\śő‘cU/OÓ	6÷¶ëĽ±�Üož’Ţ$ő¶8\Ň6E•ËeËí†n
--- a/hosts/sentinel/secrets/acme-credentials.age
+++ b/hosts/sentinel/secrets/acme-credentials.age