nixos/acme: improve documentation

* Use literalExample for better readability
* Clarify a bit wrt. 'webroot' and 'allowKeysForGroup'
This commit is contained in:
Bjørn Forsman 2017-06-08 08:46:40 +02:00
parent 7a0e958b97
commit 6a55fda61e

View File

@ -13,7 +13,7 @@ let
description = ''
Where the webroot of the HTTP vhost is located.
<filename>.well-known/acme-challenge/</filename> directory
will be created automatically if it doesn't exist.
will be created below the webroot if it doesn't exist.
<literal>http://example.org/.well-known/acme-challenge/</literal> must also
be available (notice unencrypted HTTP).
'';
@ -46,7 +46,10 @@ let
allowKeysForGroup = mkOption {
type = types.bool;
default = false;
description = "Give read permissions to the specified group to read SSL private certificates.";
description = ''
Give read permissions to the specified group
(<option>security.acme.group</option>) to read SSL private certificates.
'';
};
postRun = mkOption {
@ -77,10 +80,12 @@ let
extraDomains = mkOption {
type = types.attrsOf (types.nullOr types.str);
default = {};
example = {
example = literalExample ''
{
"example.org" = "/srv/http/nginx";
"mydomain.org" = null;
};
}
'';
description = ''
Extra domain names for which certificates are to be issued, with their
own server roots if needed.
@ -140,7 +145,8 @@ in
description = ''
Attribute set of certificates to get signed and renewed.
'';
example = {
example = literalExample ''
{
"example.com" = {
webroot = "/var/www/challenges/";
email = "foo@example.com";
@ -150,7 +156,8 @@ in
webroot = "/var/www/challenges/";
email = "bar@example.com";
};
};
}
'';
};
};
};