mirror of
https://github.com/foo-dogsquared/nixos-config.git
synced 2025-01-31 22:57:55 +00:00
Gabriel Arazas
187b32e7bb
This should also fix the ACME certificate self-signed permissions error since there is no `wezterm` group (or user). We're just using systemd's dynamic user feature in our service.
29 lines
728 B
Nix
29 lines
728 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
# We're setting up Wezterm mux server with TLS domains.
|
|
let
|
|
weztermDomain = "mux.${config.networking.domain}";
|
|
in
|
|
{
|
|
services.wezterm-mux-server = {
|
|
enable = true;
|
|
configFile = ../../config/wezterm/config.lua;
|
|
};
|
|
|
|
systemd.services.wezterm-mux-server.serviceConfig = {
|
|
LoadCredential = let
|
|
certDir = config.security.acme.certs."${weztermDomain}".directory;
|
|
credentialCertPath = path: "${path}:${certDir}/${path}";
|
|
in
|
|
[
|
|
(credentialCertPath "key.pem")
|
|
(credentialCertPath "cert.pem")
|
|
(credentialCertPath "fullchain.pem")
|
|
];
|
|
};
|
|
|
|
security.acme.certs."${weztermDomain}".postRun = ''
|
|
systemctl restart wezterm-mux-server.service
|
|
'';
|
|
}
|