From e0938e5a25e790f20a19a95e62e67568602cf0e6 Mon Sep 17 00:00:00 2001
From: Dmitriy Pleshevskiy <dmitriy@pleshevski.ru>
Date: Sun, 23 Apr 2023 09:58:51 +0300
Subject: [PATCH] add comments with source info

---
 nixos/hosts/magenta/services/mailserver.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/nixos/hosts/magenta/services/mailserver.nix b/nixos/hosts/magenta/services/mailserver.nix
index b0617c6..d1a3e81 100644
--- a/nixos/hosts/magenta/services/mailserver.nix
+++ b/nixos/hosts/magenta/services/mailserver.nix
@@ -5,6 +5,8 @@ let
 
   certsDir = "/var/certs";
 
+  # Extracting a Certificate from Traefik`s acme.json
+  # Source: https://www.zdyn.net/docker/2022/02/04/acme-certificate.html
   dumpTraefikMailCerts = pkgs.writeScript "dump-mail-certs" ''
     #!/bin/sh
     ${pkgs.jq}/bin/jq -r '.le.Certificates[] | select(.domain.main=="${cfg.fqdn}") | .certificate' /var/lib/traefik/acme.json | base64 -d > ${cfg.certificateFile}
@@ -47,6 +49,8 @@ in
   };
 
   systemd = {
+    # Watch traefik`s acme.json to update certs in /var/certs
+    # Source: https://superuser.com/questions/1171751/restart-systemd-service-automatically-whenever-a-directory-changes-any-file-ins
     services.dump-traefik-mail-cert = {
       unitConfig = {
         Description = "Restart mail cert service";