feat: Refactor web-servers module and move common configuration to common.nix

2025-06-12 21:35:43 +08:00 · 2025-06-12 21:35:43 +08:00 · e5f942acbe
commit e5f942acbe
parent 7093a338f4
7 changed files with 94 additions and 76 deletions
--- a/modules/nixos/server/web-servers/default.nix
+++ b/modules/nixos/server/web-servers/default.nix
@ -1,15 +1,25 @@
-{ config, ... }:
+{ config, lib, ... }:
+let
+  inherit (lib) mkMerge mkIf mkEnableOption;
+  cfg = config.server.web-servers;
+in
 {
-  config = {
-    security.acme = {
-      acceptTerms = true;
-      defaults = {
-        email = "rafiq@rrv.sh";
-        dnsProvider = "cloudflare";
-        credentialFiles = {
-          "CLOUDFLARE_DNS_API_TOKEN_FILE" = config.sops.secrets."keys/cloudflare".path;
+  options.server.web-servers = {
+    enableSSL = mkEnableOption "";
+  };
+
+  config = mkMerge [
+    (mkIf cfg.enableSSL {
+      security.acme = {
+        acceptTerms = true;
+        defaults = {
+          inherit (config.system.mainUser) email;
+          dnsProvider = "cloudflare";
+          credentialFiles = {
+            "CLOUDFLARE_DNS_API_TOKEN_FILE" = config.sops.secrets."keys/cloudflare".path;
+          };
        };
      };
-    };
-  };
+    })
+  ];
 }