cron + alerting for cert updates

2023-08-10 00:46:36 +03:00 · 2023-08-10 00:46:36 +03:00 · 4878c42ca9
parent 9059f84632
commit 4878c42ca9
1 changed files with 20 additions and 1 deletions
--- a/modules/services/nsd-acme/default.nix
+++ b/modules/services/nsd-acme/default.nix
@ -186,6 +186,25 @@ in {
      )
      config.mj.services.nsd-acme.zones;

-    mj.base.unitstatus.units = lib.mkIf config.mj.base.unitstatus.enable ["nsd-control-setup"];
+    systemd.timers =
+      lib.mapAttrs'
+      (
+        zone: cfg:
+          lib.nameValuePair "nsd-acme-${lib.strings.sanitizeDerivationName zone}" {
+            description = "nsd-acme for zone ${zone}";
+            wantedBy = ["timers.target"];
+            timerConfig = {
+              OnCalendar = "*-*-* 01:30";
+            };
+            after = ["network-online.target"];
+          }
+      )
+      config.mj.services.nsd-acme.zones;
+
+    mj.base.unitstatus.units = let
+      zones = config.mj.services.nsd-acme.zones;
+      sanitized = map lib.strings.sanitizeDerivationName (lib.attrNames zones);
+    in
+      lib.mkIf config.mj.base.unitstatus.enable (["nsd-control-setup"] ++ map (n: "nsd-acme-${n}") sanitized);
  };
 }