bvm-radius: add ACME certs for as205479.net

This commit is contained in:
Luke Granger-Brown 2021-09-25 17:38:09 +00:00
parent b50fa68559
commit f93ec18859

View file

@ -14,6 +14,7 @@ in {
networking = { networking = {
hostName = "bvm-radius"; hostName = "bvm-radius";
hostId = "dcc75f10"; hostId = "dcc75f10";
tempAddresses = "disabled";
interfaces.enp1s0 = { interfaces.enp1s0 = {
ipv4.addresses = [{ address = "10.100.0.207"; prefixLength = 23; }]; ipv4.addresses = [{ address = "10.100.0.207"; prefixLength = 23; }];
@ -46,6 +47,19 @@ in {
}; };
my.ip.tailscale = "100.120.98.116"; my.ip.tailscale = "100.120.98.116";
security.acme = {
acceptTerms = true;
email = "letsencrypt@lukegb.com";
certs."as205479.net" = {
dnsProvider = "gcloud";
credentialsFile = secrets.gcpDNSCredentials;
dnsPropagationCheck = false;
#postRun = ''
# systemctl restart freeradius
#'';
};
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
freeradius freeradius
depot.pkgs.eapol-test depot.pkgs.eapol-test