tests/email-dns: Factor out all of the secrets/acme stuff into a common dir

This makes it easier to re-use this test data for various tests.
author: Benedikt Peetz <benedikt.peetz@b-peetz.de> 2025-04-12 16:25:53 +0200
committer: Benedikt Peetz <benedikt.peetz@b-peetz.de> 2025-04-22 21:35:30 +0200
commit: 7d3c1bd972c67af3f5006bd02e8ed3655f16bfc7 (patch)
tree: b636d166aeee551c0d1088ae821ae593f8110cb5 /tests/common/acme/client.nix
parent: update.sh: Also run `nix flake update` (diff)
download: nixos-server-7d3c1bd972c67af3f5006bd02e8ed3655f16bfc7.zip
1 files changed, 21 insertions, 0 deletions
diff --git a/tests/common/acme/client.nix b/tests/common/acme/client.nix
new file mode 100644
index 0000000..2b870e8
--- /dev/null
+++ b/tests/common/acme/client.nix
@@ -0,0 +1,21 @@
+{
+  nodes,
+  lib,
+  ...
+}: let
+  inherit (nodes.acme.test-support.acme) caCert;
+  inherit (nodes.acme.test-support.acme) caDomain;
+in {
+  security = {
+    acme = {
+      acceptTerms = true;
+      defaults = {
+        server = "https://${caDomain}/dir";
+      };
+    };
+
+    pki = {
+      certificateFiles = lib.mkForce [caCert];
+    };
+  };
+}
author	Benedikt Peetz <benedikt.peetz@b-peetz.de>	2025-04-12 16:25:53 +0200
committer	Benedikt Peetz <benedikt.peetz@b-peetz.de>	2025-04-22 21:35:30 +0200
commit	7d3c1bd972c67af3f5006bd02e8ed3655f16bfc7 (patch)
tree	b636d166aeee551c0d1088ae821ae593f8110cb5 /tests/common/acme/client.nix
parent	update.sh: Also run `nix flake update` (diff)
download	nixos-server-7d3c1bd972c67af3f5006bd02e8ed3655f16bfc7.zip