diff options
| author | Lucas Savva <lucas@m1cr0man.com> | 2020-09-04 20:28:46 +0100 |
|---|---|---|
| committer | Lucas Savva <lucas@m1cr0man.com> | 2020-09-05 01:06:29 +0100 |
| commit | f57824c915e350a488b109427351df2757424278 (patch) | |
| tree | 0a0c54e7045a9b6fdea91a3fca238a7b3567d36a /nixos/modules/security | |
| parent | 67a5d660cbba42d4461cbc67296bb9e96fd9c74f (diff) | |
| download | nixpkgs-f57824c915e350a488b109427351df2757424278.tar nixpkgs-f57824c915e350a488b109427351df2757424278.tar.gz nixpkgs-f57824c915e350a488b109427351df2757424278.tar.bz2 nixpkgs-f57824c915e350a488b109427351df2757424278.tar.lz nixpkgs-f57824c915e350a488b109427351df2757424278.tar.xz nixpkgs-f57824c915e350a488b109427351df2757424278.tar.zst nixpkgs-f57824c915e350a488b109427351df2757424278.zip | |
nixos/acme: Update docs, use assert more effectively
Diffstat (limited to 'nixos/modules/security')
| -rw-r--r-- | nixos/modules/security/acme.xml | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/nixos/modules/security/acme.xml b/nixos/modules/security/acme.xml index 005eebd75c0..17e94bc12fb 100644 --- a/nixos/modules/security/acme.xml +++ b/nixos/modules/security/acme.xml @@ -251,4 +251,16 @@ chmod 400 /var/lib/secrets/certs.secret journalctl -fu acme-example.com.service</literal> and watching its log output. </para> </section> + <section xml:id="module-security-acme-regenerate"> + <title>Regenerating certificates</title> + + <para> + Should you need to regenerate a particular certificate in a hurry, such + as when a vulnerability is found in Let's Encrypt, there is now a convenient + mechanism for doing so. Running <literal>systemctl clean acme-example.com.service</literal> + will remove all certificate files for the given domain, allowing you to then + <literal>systemctl start acme-example.com.service</literal> to generate fresh + ones. + </para> + </section> </chapter> |