ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-12-29 06:45:54 +03:00
Code Issues Projects Releases Wiki Activity

nixos/acme: improve documentation

Browse Source 
* Use literalExample for better readability
* Clarify a bit wrt. 'webroot' and 'allowKeysForGroup'
This commit is contained in:
Bjørn Forsman 2017-06-08 08:46:40 +02:00
parent 7a0e958b97
commit 6a55fda61e
1 changed files with 24 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
nixos/modules/security/acme.nix
View File

@ -13,7 +13,7 @@ let
description = '' description = ''
Where the webroot of the HTTP vhost is located. Where the webroot of the HTTP vhost is located.
<filename>.well-known/acme-challenge/</filename> directory <filename>.well-known/acme-challenge/</filename> directory
will be created automatically if it doesn't exist. will be created below the webroot if it doesn't exist.
<literal>http://example.org/.well-known/acme-challenge/</literal> must also <literal>http://example.org/.well-known/acme-challenge/</literal> must also
be available (notice unencrypted HTTP). be available (notice unencrypted HTTP).
''; '';
@ -46,7 +46,10 @@ let
allowKeysForGroup = mkOption { allowKeysForGroup = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = "Give read permissions to the specified group to read SSL private certificates."; description = ''
Give read permissions to the specified group
(<option>security.acme.group</option>) to read SSL private certificates.
'';
}; };
postRun = mkOption { postRun = mkOption {
@ -77,10 +80,12 @@ let
extraDomains = mkOption { extraDomains = mkOption {
type = types.attrsOf (types.nullOr types.str); type = types.attrsOf (types.nullOr types.str);
default = {}; default = {};
example = { example = literalExample ''
{
"example.org" = "/srv/http/nginx"; "example.org" = "/srv/http/nginx";
"mydomain.org" = null; "mydomain.org" = null;
}; }
'';
description = '' description = ''
Extra domain names for which certificates are to be issued, with their Extra domain names for which certificates are to be issued, with their
own server roots if needed. own server roots if needed.
@ -140,7 +145,8 @@ in
description = '' description = ''
Attribute set of certificates to get signed and renewed. Attribute set of certificates to get signed and renewed.
''; '';
example = { example = literalExample ''
{
"example.com" = { "example.com" = {
webroot = "/var/www/challenges/"; webroot = "/var/www/challenges/";
email = "foo@example.com"; email = "foo@example.com";
@ -150,7 +156,8 @@ in
webroot = "/var/www/challenges/"; webroot = "/var/www/challenges/";
email = "bar@example.com"; email = "bar@example.com";
}; };
}; }
'';
}; };
}; };
}; };