Increase ACME DNS propagation timeout to 10 minutes

Cloudflare's authoritative nameservers take longer than the
default 2-minute timeout to propagate TXT records created via
API. Set CLOUDFLARE_PROPAGATION_TIMEOUT=600 to give enough
time for DNS-01 challenge validation.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
ediblerope 2026-04-14 22:48:58 +01:00
parent 337b90ced3
commit fb8f75e9c7


@ -62,13 +62,15 @@ in
domain = "*.nordhammer.it";
extraDomainNames = [ "nordhammer.it" ];
dnsProvider = "cloudflare";
extraLegoFlags = [ "--dns.resolvers" "1.1.1.1:53" ];
credentialFiles = {
"CF_DNS_API_TOKEN_FILE" = "/var/secrets/cloudflare-token";
};
};
};
# Give Cloudflare authoritative NS more time to propagate TXT records
systemd.services."acme-order-renew-nordhammer.it".environment.CLOUDFLARE_PROPAGATION_TIMEOUT = "600";
users.users.nginx.extraGroups = [ "acme" ];
services.nginx = {
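Review bot: The override on the `systemd.services."acme-order-renew-nordhammer.it"` line is keyed on a hand-written unit name, so it only takes effect while that string matches the unit the ACME module generates for this certificate; the cert's attribute name and the module version are outside the hunk, so the match cannot be confirmed from here. If the name drifts (cert renamed, or the module changes its unit naming), the timeout would presumably stop applying with no obvious signal, and renewals would fall back to the 2-minute default and start failing again. Consider keeping the setting inside the cert definition through the module's `environmentFile` option, e.g. `environmentFile = pkgs.writeText "lego-env" "CLOUDFLARE_PROPAGATION_TIMEOUT=600\n";` (assuming `pkgs` is in scope; the value is not secret, so a store path is acceptable, unlike the API token). Failing that, extend the comment to something like `# Seconds (lego default is 120); unit name must match the one generated for this cert`. The enclosing attribute set starts before the hunk and `services.nginx` continues past it.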