Fix a few issues with ACME certs

2017-11-09 13:16:06 -08:00 · 2017-11-09 13:16:06 -08:00 · bbca0bd678
parent ebd0f656ed
commit bbca0bd678
2 changed files with 4 additions and 3 deletions
--- a/mail-server/common.nix
+++ b/mail-server/common.nix
@ -26,7 +26,7 @@ in
             else if cfg.certificateScheme == 2
                  then "${cfg.certificateDirectory}/cert-${cfg.domain}.pem"
                  else if cfg.certificateScheme == 3
-                       then "/var/lib/acme/${cfg.hostPrefix}.${cfg.domain}/fullchain.pem"
+                       then "/var/lib/acme/mailserver/fullchain.pem"
                       else throw "Error: Certificate Scheme must be in { 1, 2, 3 }";
  # key :: PATH
@ -35,6 +35,6 @@ in
        else if cfg.certificateScheme == 2
             then "${cfg.certificateDirectory}/key-${cfg.domain}.pem"
              else if cfg.certificateScheme == 3
-                   then "/var/lib/acme/${cfg.hostPrefix}.${cfg.domain}/key.pem"
+                   then "/var/lib/acme/mailserver/key.pem"
                   else throw "Error: Certificate Scheme must be in { 1, 2, 3 }";
 }
--- a/mail-server/nginx.nix
+++ b/mail-server/nginx.nix
@ -20,6 +20,7 @@
 with (import ./common.nix { inherit config; });
 let
  inherit (lib.attrsets) genAttrs;
  cfg = config.mailserver;
  allDomains = [ cfg.domain ] ++ cfg.extraDomains;
  acmeRoot = "/var/lib/acme/acme-challenge";
@ -38,7 +39,7 @@ in
           acmeRoot = acmeRoot;
       });
    };
-    security.acme.certs."${hostPrefix}.${domain}" = {
+    security.acme.certs."mailserver" = {
      # @todo what user/group should this run as?
      user = "postfix"; # cfg.user;
      group = "postfix"; # lib.mkDefault cfg.group;