| 15 Apr 2025 |
conr | oh right, that’s what i meant. | 23:09:29 |
conr | actually i started that but had an acme config issue | 23:10:03 |
conr | @hexa do you have a config setup for acme registrations? | 23:11:55 |
@hexa:lossy.network | https://wiki.nixos.org/wiki/ACME | 23:12:14 |
conr | do you use cloudflare for dns? | 23:24:32 |
@hexa:lossy.network | lol no | 23:31:57 |
@hexa:lossy.network | domain is at porkbun, delegated to desec | 23:32:11 |
conr | porkbun, me too | 23:35:11 |
conr | how do you do auth? | 23:35:22 |
@hexa:lossy.network | source ip | 23:37:21 |
conr | can you explain more? | 23:38:46 |
@hexa:lossy.network | https://www.home-assistant.io/docs/authentication/providers/#trusted-networks | 23:40:10 |
conr | i mean for generating acme ssl certs | 23:40:39 |
conr | i only see api token and user/pass options in the wiki for DNS Challenge | 23:42:08 |
@hexa:lossy.network | well you need to check the dns providers that lego supports and how to set them up | 23:42:34 |
@hexa:lossy.network | https://go-acme.github.io/lego/dns/ | 23:42:44 |
conr | how do you do it with porkbun? | 23:42:54 |
@hexa:lossy.network | delegation to a nameserver I run | 23:43:15 |
@hexa:lossy.network | and dynamic updates to that | 23:43:22 |
conr | oh i see it on lego | 23:44:13 |
Hayden R. (they/them) | @hexa:lossy.network lemme bounce offa your server | 23:44:14 |
@hexa:lossy.network | hm? | 23:44:29 |
Hayden R. (they/them) | nvm doesn't seem to allow https conns | 23:45:30 |
conr | security.acme = {
  acceptTerms = true;
  defaults.email = "admin@example.org";
  certs = {
    "example.org" = {
      domain = "*.example.org";
      group = "porkbun";
      dnsProvider = "cloudflare";
      # location of your CLOUDFLARE_DNS_API_TOKEN=[value]
      # https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#EnvironmentFile=
      environmentFile = "/home/admin/porkbun";
    };
  };
};
so if i want to use this config, what does my environmentFile look like? api token info? | 23:53:06 |
conr | * security.acme = {
  acceptTerms = true;
  defaults.email = "admin@example.org";
  certs = {
    "example.org" = {
      domain = "*.example.org";
      group = "nginx";
      dnsProvider = "porkbun";
      # location of your CLOUDFLARE_DNS_API_TOKEN=[value]
      # https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#EnvironmentFile=
      environmentFile = "/home/admin/porkbun";
    };
  };
};
so if i want to use this config, what does my environmentFile look like? api token info? | 23:54:14 |
conr | * security.acme = {
  acceptTerms = true;
  defaults.email = "admin@example.org";
  certs = {
    "example.org" = {
      domain = "*.example.org";
      group = "nginx";
      dnsProvider = "porkbun";
      environmentFile = "/home/admin/porkbun";
    };
  };
};
so if i want to use this config, what does my environmentFile look like? api token info? | 23:54:34 |
@hexa:lossy.network | https://go-acme.github.io/lego/dns/porkbun/#credentials | 23:55:03 |
conr | is the lego pkg installed too? | 23:55:41 |
@hexa:lossy.network | it is what we use behind security.acme | 23:56:01 |
@hexa:lossy.network | it is implicitly used | 23:56:05 |