From abb023c0c18bf13d7c9c4134d183870d4852ec3b Mon Sep 17 00:00:00 2001
From: Patryk Niedźwiedziński <pniedzwiedzinski19@gmail.com>
Date: Wed, 26 May 2021 21:15:46 +0200
Subject: Add group for certs

---
 machines/srv1/configuration.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/machines/srv1/configuration.nix b/machines/srv1/configuration.nix
index 8d167c5..4215ded 100644
--- a/machines/srv1/configuration.nix
+++ b/machines/srv1/configuration.nix
@@ -227,6 +227,8 @@ in
     keyPath = "/var/lib/acme/niedzwiedzinski.cyou/key.pem";
     docBase = "/var/www/niedzwiedzinski.cyou";
   };
+  security.acme.certs."niedzwiedzinski.cyou".allowKeysForGroup = true;
+  systemd.services.molly-brown.serviceConfig.SupplementaryGroups = [ config.security.acme.certs."niedzwiedzinski.cyou".group ];
 
   systemd = {
     services.git-fetch = {
-- 
cgit 1.4.1