pastila: wip letsencrypt setup

pastila/configuration.nix

@@ -11,6 +11,7 @@ in
       ./backups.nix
       ./armael.nix
       ./gitolite.nix
+      ./letsencrypt.nix
     ];
 
   # Use the GRUB 2 boot loader.
@@ -56,6 +57,7 @@ in
     weechat
     transmission
     tremc
+    poezio
   ];
 
   # This option defines the first version of NixOS you have installed on this particular machine,

pastila/letsencrypt.nix

@@ -0,0 +1,25 @@
+{ config, lib, pkgs, ... }:
+
+{
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = "armael@deuxfleurs.fr";
+    defaults.dnsProvider = "gandiv5";
+    defaults.credentialFiles = {
+      "GANDIV5_PERSONAL_ACCESS_TOKEN_FILE" = "/etc/secrets/acme/gandi_access_token";
+      "GANDIV5_API_KEY_FILE" = "/etc/secrets/acme/gandi_api_key";
+    };
+    # certs."isomorphis.me" = {};
+    # certs."mail" = {
+    #   domain = "smtp.isomorphis.me";
+    #   extraDomainNames = [
+    #     "imap.isomorphis.me"
+    # 	"smtp.tremeg.net"
+    # 	"imap.tremeg.net"
+    # 	"smtp.gueneau.me"
+    # 	"imap.gueneau.me"
+    #   ];
+    # };
+    certs."pastila.isomorphis.me" = {};
+  };
+}