fix(pm/acme): resolve DNS using cloudflare #120

closed
opened by a.starrysky.fyi targeting main from private/minion/push-oqywmpqruopz

We run Tailscale, which sometimes has internal routes to things. These override all DNS address entries for specified domains, which breaks verifying ACME TXT records, which prevents us fetching certificates.

Resolving ACME using Cloudflare avoids the issue...

Changed files
+8
+4
packetmix/systems/teal/acme.nix
··· 9 9 email = "acme@freshlybakedca.ke"; 10 10 dnsProvider = "cloudflare"; 11 11 environmentFile = "/secrets/acme/environmentFile"; 12 + extraLegoFlags = [ 13 + "--dns.resolvers" 14 + "1.1.1.1" 15 + ]; 12 16 }; 13 17 }; 14 18
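Review bot: the new `extraLegoFlags` list in teal/acme.nix pins a single resolver, `1.1.1.1`, with no fallback and no comment saying why, so issuance and renewal on this host now fail whenever that one address is unreachable. lego accepts `--dns.resolvers` more than once, so consider adding a second pair such as `"--dns.resolvers" "1.0.0.1"`, and put a short Nix comment above the list recording that the system resolver is bypassed because Tailscale overrides DNS for some domains and breaks the TXT record check.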
+4
packetmix/systems/umber/acme.nix
··· 9 9 email = "acme@starrysky.fyi"; 10 10 dnsProvider = "cloudflare"; 11 11 environmentFile = "/secrets/acme/environmentFile"; 12 + extraLegoFlags = [ 13 + "--dns.resolvers" 14 + "1.1.1.1" 15 + ]; 12 16 }; 13 17 }; 14 18
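Review bot: the four `extraLegoFlags` lines added to umber/acme.nix are an exact copy of the ones added to teal/acme.nix, so the resolver choice now lives in two places and can drift between hosts. Only `email` differs between the two files in the visible context; consider moving `extraLegoFlags` into a shared module that both systems import and keeping the per-host values here.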