torjus/nixos-servers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

fixup! pki: add new vault root ca to pki
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m25s
Details

Browse Source
This commit is contained in:
Torjus Håkestad
2026-02-03 05:20:22 +01:00
parent ca6e91a0ab
commit 0cc3c9888d
1 changed files with 2 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
hosts/vaulttest01/configuration.nix
View File

@@ -106,15 +106,8 @@
}; };
# Test ACME certificate issuance from OpenBao PKI # Test ACME certificate issuance from OpenBao PKI
# Override the global ACME server to use OpenBao instead of step-ca # Override the global ACME server (from system/acme.nix) to use OpenBao instead of step-ca
security.acme = { security.acme.defaults.server = lib.mkForce "https://vault01.home.2rjus.net:8200/v1/pki_int/acme/directory";
acceptTerms = true;
defaults = {
server = "https://vault01.home.2rjus.net:8200/v1/pki_int/acme/directory";
email = "root@home.2rjus.net";
dnsPropagationCheck = false;
};
};
# Request a certificate for this host # Request a certificate for this host
# Using HTTP-01 challenge with standalone listener on port 80 # Using HTTP-01 challenge with standalone listener on port 80