Try throwing all certificates into the same group to avoid permission issues

2020-11-27 23:49:54 +01:00 · 2020-11-27 23:49:54 +01:00 · c8c50c0744
commit c8c50c0744
parent 0186d8bd52
3 changed files with 5 additions and 2 deletions
--- a/dovecot.nix
+++ b/dovecot.nix
@ -119,7 +119,7 @@ in
  security = lib.mkIf config.variables.useSSL {
    acme.certs."dovecot2.${config.variables.myFQDN}" = {
      domain = "${config.variables.myFQDN}";
-      group = config.services.dovecot2.group;
+      group = "certs";
      postRun = "systemctl restart dovecot2.service";
      # cheat by getting the webroot from another certificate configured through nginx.
      webroot = config.security.acme.certs."${config.variables.myFQDN}".webroot;