From 8a7984933d7cbacfebc1dd9ae8e8b7032e26bcf6 Mon Sep 17 00:00:00 2001
From: Kiara Grouwstra <kiara@procolix.eu>
Date: Tue, 8 Jul 2025 10:02:13 +0200
Subject: [PATCH] reinstate acme settings needed by applications (#434)

closes #417

Reviewed-on: https://git.fediversity.eu/Fediversity/Fediversity/pulls/434
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
---
 services/fediversity/default.nix | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/services/fediversity/default.nix b/services/fediversity/default.nix
index 6baf00fa..ca7b1f38 100644
--- a/services/fediversity/default.nix
+++ b/services/fediversity/default.nix
@@ -65,4 +65,16 @@ in
       };
     };
   };
+
+  config = {
+    ## FIXME: This should clearly go somewhere else; and we should have a
+    ## `staging` vs. `production` setting somewhere.
+    security.acme = {
+      acceptTerms = true;
+      # use a priority more urgent than mkDefault for panel deployment to work,
+      # yet looser than default so this will not clash with the setting in tests.
+      defaults.email = lib.modules.mkOverride 200 "something@fediversity.net";
+      # defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory";
+    };
+  };
 }