Add group for certs

author: Patryk Niedźwiedziński <pniedzwiedzinski19@gmail.com> 2021-05-26 21:15:46 +0200
committer: Patryk Niedźwiedziński <pniedzwiedzinski19@gmail.com> 2021-05-26 21:15:46 +0200
commit: abb023c0c18bf13d7c9c4134d183870d4852ec3b (patch)
tree: ed0894c0f2c2348a26e9f4076538288cde7f9487 /machines/srv1/configuration.nix
parent: 0b03b19b10466d079e5e1f6313973fdb60dbe8f5 (diff)
download: dots-abb023c0c18bf13d7c9c4134d183870d4852ec3b.tar.gz
dots-abb023c0c18bf13d7c9c4134d183870d4852ec3b.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/machines/srv1/configuration.nix b/machines/srv1/configuration.nix
index 8d167c5..4215ded 100644
--- a/machines/srv1/configuration.nix
+++ b/machines/srv1/configuration.nix
@@ -227,6 +227,8 @@ in
     keyPath = "/var/lib/acme/niedzwiedzinski.cyou/key.pem";
     docBase = "/var/www/niedzwiedzinski.cyou";
   };
+  security.acme.certs."niedzwiedzinski.cyou".allowKeysForGroup = true;
+  systemd.services.molly-brown.serviceConfig.SupplementaryGroups = [ config.security.acme.certs."niedzwiedzinski.cyou".group ];
 
   systemd = {
     services.git-fetch = {
author	Patryk Niedźwiedziński <pniedzwiedzinski19@gmail.com>	2021-05-26 21:15:46 +0200
committer	Patryk Niedźwiedziński <pniedzwiedzinski19@gmail.com>	2021-05-26 21:15:46 +0200
commit	abb023c0c18bf13d7c9c4134d183870d4852ec3b (patch)
tree	ed0894c0f2c2348a26e9f4076538288cde7f9487 /machines/srv1/configuration.nix
parent	0b03b19b10466d079e5e1f6313973fdb60dbe8f5 (diff)
download	dots-abb023c0c18bf13d7c9c4134d183870d4852ec3b.tar.gz dots-abb023c0c18bf13d7c9c4134d183870d4852ec3b.zip