2021-01-19 03:10:28 -05:00
|
|
|
{ ... }: {
|
|
|
|
systemd.services.hetzner-certbot = {
|
|
|
|
environment = {
|
|
|
|
API_TOKEN = (builtins.readFile /opt/cloud-init-misc-data/hcloud_token);
|
|
|
|
AWS_ACCESS_KEY_ID = (builtins.readFile /opt/cloud-init-misc-data/aws_access_key_id);
|
|
|
|
AWS_SECRET_ACCESS_KEY = (builtins.readFile /opt/cloud-init-misc-data/aws_secret_access_key);
|
|
|
|
ENVIRONMENT = (builtins.readFile /opt/cloud-init-misc-data/environment);
|
|
|
|
SERVICE = "guidelines";
|
|
|
|
DOMAIN_NAME = (builtins.readFile /opt/cloud-init-misc-data/domain_name);
|
|
|
|
ALTERNATIVE_NAMES = (builtins.readFile /opt/cloud-init-misc-data/domain_alternative_names);
|
|
|
|
LETSENCRYPT_DIR = "/mnt/data/letsencrypt";
|
|
|
|
SERVICE_PORTS = "443,8443,9443"; # guidelines, kibana, vault
|
|
|
|
};
|
|
|
|
serviceConfig.Type = "oneshot";
|
2021-01-19 07:08:44 -05:00
|
|
|
script = "/opt/certbot.sh --renew";
|
2021-01-19 03:10:28 -05:00
|
|
|
};
|
|
|
|
}
|