add comments with source info

This commit is contained in:
Dmitriy Pleshevskiy 2023-04-23 09:58:51 +03:00
parent 55ec9e2106
commit e0938e5a25
Signed by: pleshevskiy
GPG key ID: 79C4487B44403985

View file

@ -5,6 +5,8 @@ let
certsDir = "/var/certs"; certsDir = "/var/certs";
# Extracting a Certificate from Traefik`s acme.json
# Source: https://www.zdyn.net/docker/2022/02/04/acme-certificate.html
dumpTraefikMailCerts = pkgs.writeScript "dump-mail-certs" '' dumpTraefikMailCerts = pkgs.writeScript "dump-mail-certs" ''
#!/bin/sh #!/bin/sh
${pkgs.jq}/bin/jq -r '.le.Certificates[] | select(.domain.main=="${cfg.fqdn}") | .certificate' /var/lib/traefik/acme.json | base64 -d > ${cfg.certificateFile} ${pkgs.jq}/bin/jq -r '.le.Certificates[] | select(.domain.main=="${cfg.fqdn}") | .certificate' /var/lib/traefik/acme.json | base64 -d > ${cfg.certificateFile}
@ -47,6 +49,8 @@ in
}; };
systemd = { systemd = {
# Watch traefik`s acme.json to update certs in /var/certs
# Source: https://superuser.com/questions/1171751/restart-systemd-service-automatically-whenever-a-directory-changes-any-file-ins
services.dump-traefik-mail-cert = { services.dump-traefik-mail-cert = {
unitConfig = { unitConfig = {
Description = "Restart mail cert service"; Description = "Restart mail cert service";