mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-09-11 15:08:33 +01:00
1e3607d331
Lego allows users to use the DNS-01 challenge to validate their certificates. It is mostly backwards compatible, with a few caveats. - extraDomains can no longer have different webroots to the main webroot for the cert. - An email address is now mandatory for account creation The following other changes were required: - Deprecate security.acme.certs.<name>.plugins, as this was specific to simp-le - Rename security.acme.validMin to validMinDays, to avoid confusion and errors. Lego requires the TTL to be specified in days - Add options to cover DNS challenge (dnsProvider, credentialsFile, dnsPropagationCheck) - A shared state directory is now used (/var/lib/acme/.lego) to avoid account creation rate limits and share credentials between certs |
||
|---|---|---|
| .. | ||
| config | ||
| hardware | ||
| i18n/input-method | ||
| installer | ||
| misc | ||
| profiles | ||
| programs | ||
| security | ||
| services | ||
| system | ||
| tasks | ||
| testing | ||
| virtualisation | ||
| module-list.nix | ||
| rename.nix | ||