3p/nixpkgs: fix pomerium-fix

This commit is contained in:
Luke Granger-Brown 2021-04-10 23:44:19 +00:00
parent 4707c69469
commit c552ff053b

View file

@ -27,12 +27,3 @@ diff --git a/nixos/modules/services/web-servers/pomerium.nix b/nixos/modules/ser
LoadCredential = optionals (cfg.useACMEHost != null) [ LoadCredential = optionals (cfg.useACMEHost != null) [
"fullchain.pem:/var/lib/acme/${cfg.useACMEHost}/fullchain.pem" "fullchain.pem:/var/lib/acme/${cfg.useACMEHost}/fullchain.pem"
"key.pem:/var/lib/acme/${cfg.useACMEHost}/key.pem" "key.pem:/var/lib/acme/${cfg.useACMEHost}/key.pem"
@@ -119,7 +123,7 @@ in
before = [ "acme-finished-${cfg.useACMEHost}.target" ];
after = [ "acme-${cfg.useACMEHost}.service" ];
# Block reloading if not all certs exist yet.
- unitConfig.ConditionPathExists = [ "${certs.${cfg.useACMEHost}.directory}/fullchain.pem" ];
+ unitConfig.ConditionPathExists = [ "${config.security.acme.certs.${cfg.useACMEHost}.directory}/fullchain.pem" ];
serviceConfig = {
Type = "oneshot";
TimeoutSec = 60;