motiejus/config
1
Fork 0
Code Packages Releases Activity

zones don't need to be sanitized

Browse Source 
it's DNS!
This commit is contained in:
Motiejus Jakštys 2023-08-10 10:45:24 +03:00
parent 7bedc09abb
commit fa435f65d0
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
modules/services/nsd-acme/default.nix
View File

@ -116,10 +116,8 @@ in {
}
// lib.mapAttrs'
(
zone: cfg: let
sanitized = lib.strings.sanitizeDerivationName zone;
in
lib.nameValuePair "nsd-acme-${sanitized}" {
zone: cfg:
lib.nameValuePair "nsd-acme-${zone}" {
description = "dns-01 acme update for ${zone}";
path = [pkgs.openssh pkgs.nsd];
preStart = ''
@ -140,7 +138,7 @@ in {
UMask = "0022";
User = "nsd";
Group = "nsd";
StateDirectory = "nsd-acme/${sanitized}";
StateDirectory = "nsd-acme/${zone}";
LoadCredential = ["letsencrypt-account-key:${cfg.accountKey}"];
ReadWritePaths = ["/var/lib/nsd/acmezones"];
SuccessExitStatus = [0 1];
@ -190,7 +188,7 @@ in {
lib.mapAttrs'
(
zone: cfg:
lib.nameValuePair "nsd-acme-${lib.strings.sanitizeDerivationName zone}" {
lib.nameValuePair "nsd-acme-${zone}" {
description = "nsd-acme for zone ${zone}";
wantedBy = ["timers.target"];
timerConfig = {
@ -201,10 +199,12 @@ in {
)
config.mj.services.nsd-acme.zones;
mj.base.unitstatus.units = let
zones = config.mj.services.nsd-acme.zones;
sanitized = map lib.strings.sanitizeDerivationName (lib.attrNames zones);
in
lib.mkIf config.mj.base.unitstatus.enable (["nsd-control-setup"] ++ map (n: "nsd-acme-${n}") sanitized);
mj.base.unitstatus.units =
lib.mkIf config.mj.base.unitstatus.enable
(
["nsd-control-setup"]
++ map (n: "nsd-acme-${n}")
(lib.attrNames config.mj.services.nsd-acme.zones)
);
};
}