Merge pull request 'clanModules.nginx: replace acme fact with concrete value' (#2067) from nginx into main

checks/matrix-synapse/default.nix

@@ -22,7 +22,7 @@
               enableACME = lib.mkForce false;
               forceSSL = lib.mkForce false;
             };
-            security.acme.defaults.email = "admin@clan.test";
+            clan.nginx.acme.email = "admins@clan.lol";
             clan.matrix-synapse = {
               server_tld = "clan.test";
               app_domain = "matrix.clan.test";

clanModules/nginx/default.nix

@@ -10,20 +10,19 @@
     ] "Importing the module will already enable the service.")
 
   ];
-  config = {
+  options = {
-
+    clan.nginx.acme.email = lib.mkOption {
-    clan.core.facts.services."nginx-acme-email" = {
+      type = lib.types.str;
-      public."nginx-acme-email" = { };
+      description = ''
-      generator.prompt = "Please enter your email address for Let's Encrypt certificate generation";
+        Email address for account creation and correspondence from the CA.
-
+        It is recommended to use the same email for all certs to avoid account
-      generator.script = ''
+        creation limits.
-        echo -n "$prompt_value" | tr -d "\n" > "$facts"/nginx-acme-email
       '';
     };
+  };
+  config = {
     security.acme.acceptTerms = true;
-    security.acme.defaults.email =
+    security.acme.defaults.email = config.clan.nginx.acme.email;
-      lib.mkDefault
-        config.clan.core.facts.services."nginx-acme-email".public."nginx-acme-email".value;
 
     networking.firewall.allowedTCPPorts = [
       443