summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
authorJ. Konrad Tegtmeier-Rottach <jktr@0x16.de>2020-06-08 02:17:55 +0200
committerJ. Konrad Tegtmeier-Rottach <jktr@0x16.de>2020-06-08 02:17:55 +0200
commita0189a4c495da3c7945c42b56c5dae501206c268 (patch)
tree24cd92c07f19f3c47a1341b3d1320d7d8098170d /nixos
parentd0abc5d54f7d41d81dd3bc9fab6afb214f7ded38 (diff)
downloadnixpkgs-a0189a4c495da3c7945c42b56c5dae501206c268.tar
nixpkgs-a0189a4c495da3c7945c42b56c5dae501206c268.tar.gz
nixpkgs-a0189a4c495da3c7945c42b56c5dae501206c268.tar.bz2
nixpkgs-a0189a4c495da3c7945c42b56c5dae501206c268.tar.lz
nixpkgs-a0189a4c495da3c7945c42b56c5dae501206c268.tar.xz
nixpkgs-a0189a4c495da3c7945c42b56c5dae501206c268.tar.zst
nixpkgs-a0189a4c495da3c7945c42b56c5dae501206c268.zip
nixos/acme: add extraLegoFlags option
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/security/acme.nix11


1 files changed, 10 insertions, 1 deletions
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix
index 776ef07d716..7b492a67b28 100644
--- a/nixos/modules/security/acme.nix
+++ b/nixos/modules/security/acme.nix
@@ -150,6 +150,14 @@ let
         '';
       };
 
+      extraLegoFlags = mkOption {
+        type = types.listOf types.str;
+        default = [];
+        description = ''
+          Additional global flags to pass to all lego commands.
+        '';
+      };
+
       extraLegoRenewFlags = mkOption {
         type = types.listOf types.str;
         default = [];
@@ -308,7 +316,8 @@ in
                           ++ optionals (data.dnsProvider != null && !data.dnsPropagationCheck) [ "--dns.disable-cp" ]
                           ++ concatLists (mapAttrsToList (name: root: [ "-d" name ]) data.extraDomains)
                           ++ (if data.dnsProvider != null then [ "--dns" data.dnsProvider ] else [ "--http" "--http.webroot" data.webroot ])
-                          ++ optionals (cfg.server != null || data.server != null) ["--server" (if data.server == null then cfg.server else data.server)];
+                          ++ optionals (cfg.server != null || data.server != null) ["--server" (if data.server == null then cfg.server else data.server)]
+                          ++ data.extraLegoFlags;
                 certOpts = optionals data.ocspMustStaple [ "--must-staple" ];
                 runOpts = escapeShellArgs (globalOpts ++ [ "run" ] ++ certOpts);
                 renewOpts = escapeShellArgs (globalOpts ++

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-12 14:20:05 +0000