nixos/acme: Remove dependency on system version for hash
This means that all systems running from master will trigger new certificate creation on next rebuild. Race conditions around multiple account creation are fixed in #106857, not this commit.
This commit is contained in:
parent
79ecf069f5
commit
e3120397a5
@ -104,12 +104,7 @@ let
|
||||
mkHash = with builtins; val: substring 0 20 (hashString "sha256" val);
|
||||
certDir = mkHash hashData;
|
||||
domainHash = mkHash "${concatStringsSep " " extraDomains} ${data.domain}";
|
||||
othersHash = mkHash (
|
||||
"${toString acmeServer} ${data.keyType}"
|
||||
+ (
|
||||
optionalString (versionOlder "20.09" config.system.stateVersion) data.email
|
||||
)
|
||||
);
|
||||
othersHash = mkHash "${toString acmeServer} ${data.keyType} ${data.email}";
|
||||
accountDir = "/var/lib/acme/.lego/accounts/" + othersHash;
|
||||
|
||||
protocolOpts = if useDns then (
|
||||
|
Loading…
Reference in New Issue
Block a user