diff --git a/containers/hydra.nix b/containers/hydra.nix index 518f1da..fc4a9b5 100644 --- a/containers/hydra.nix +++ b/containers/hydra.nix @@ -47,12 +47,12 @@ type.services = {}; }; nix = { - package = pkgs.nixUnstable.override { + package = pkgs.nixUnstable.overrideAttrs (old: { patches = - [ ./Add-ignored_acls-setting.patch - ./Ignore-system.nfs4_acl.patch + [ # ./Add-ignored_acls-setting.patch + # ./Ignore-system.nfs4_acl.patch ]; - }; + }); loadNixDb = true; persistNix = "/nix-persist"; config = { diff --git a/containers/ingress.nix b/containers/ingress.nix index 07a181b..67b8450 100644 --- a/containers/ingress.nix +++ b/containers/ingress.nix @@ -44,6 +44,19 @@ nglib.makeSystem { init.services.nginx = { shutdownOnExit = true; }; + + + system.activation = + { resolv-conf = + nglib.dag.dagEntryBefore [ "certbot" ] + '' + export PATH=${pkgs.busybox}/bin + + mkdir -p /etc + echo "nameserver 8.8.8.8" > /etc/resolv.conf + ''; + }; + services.certbot = { enable = true; @@ -58,8 +71,8 @@ nglib.makeSystem { ]; webroot = "/var/www/certbot"; email = "admin@redalder.org"; - extraOptions = "--expand --keep-until-expiring --renew-with-new-domains"; - }; + extraOptions = "--expand --keep-until-expiring --renew-with-new-domains -v"; + }; }; }; services.nginx = { diff --git a/flake.lock b/flake.lock index 6f3c183..b7a86e2 100644 --- a/flake.lock +++ b/flake.lock @@ -107,11 +107,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1639256808, - "narHash": "sha256-RRKWi6grwe5lioKUyfZNQ4ojc5kjUTX55fPNzsGH2PY=", + "lastModified": 1645433236, + "narHash": "sha256-4va4MvJ076XyPp5h8sm5eMQvCrJ6yZAbBmyw95dGyw4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e675946ecde5606c505540de2024e2732bae4185", + "rev": "7f9b6e2babf232412682c09e57ed666d8f84ac2d", "type": "github" }, "original": {