freshlybakedca.ke
a.starrysky.fyi
+7
-5
packetmix/systems/common/nginx.nix
+7
-5
packetmix/systems/common/nginx.nix
···
21
21
'';
22
22
};
23
23
24
-
systemd.services."acme-missinghost.invalid".enable = false;
25
-
systemd.timers."acme-missinghost.invalid".enable = false;
24
+
systemd.services."acme-order-renew-missinghost.invalid".enable = false;
26
25
27
-
systemd.targets."acme-finished-missinghost.invalid" = {
28
-
requires = lib.mkForce [ "acme-selfsigned-missinghost.invalid.service" ];
29
-
after = lib.mkForce [ "acme-selfsigned-missinghost.invalid.service" ];
26
+
systemd.services."acme-missinghost.invalid" = {
27
+
wants = lib.mkForce [
28
+
"acme-setup.service"
29
+
];
30
+
before = lib.mkForce [];
31
+
restartTriggers = lib.mkForce [];
30
32
};
31
33
32
34
security.acme.acceptTerms = true;
+2
-4
packetmix/systems/teal/stalwart.nix
+2
-4
packetmix/systems/teal/stalwart.nix
···
143
143
systemd.services.stalwart-mail = {
144
144
requires = [ "postgresql.service" ];
145
145
wants = [
146
-
"acme-finished-mail.freshly.space.target"
146
+
"acme-mail.freshly.space.service"
147
147
]
148
-
++ (map (domain: "acme-finished-${domain}.target") mail_domains);
148
+
++ (map (domain: "acme-${domain}.service") mail_domains);
149
149
after = [
150
-
"acme-selfsigned-mail.freshly.space.service"
151
150
"acme-mail.freshly.space.service"
152
151
"postgresql.service"
153
152
]
154
-
++ (map (domain: "acme-selfsigned-${domain}.service") mail_domains)
155
153
++ (map (domain: "acme-${domain}.service") mail_domains);
156
154
serviceConfig.RestrictAddressFamilies = lib.mkForce [ ]; # We need the default restricted address families to access the postgres socket
157
155
};