From fea6d863d38871e29c25cdab64752c74cc38799c Mon Sep 17 00:00:00 2001
From: Dominik Polakovics <dominik.polakovics@cloonar.com>
Date: Tue, 28 Nov 2023 21:27:08 +0100
Subject: [PATCH] fix cert path and add tls to cert

---
 hosts/fw.cloonar.com/modules/unbound.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hosts/fw.cloonar.com/modules/unbound.nix b/hosts/fw.cloonar.com/modules/unbound.nix
index 74db9f6..196302c 100644
--- a/hosts/fw.cloonar.com/modules/unbound.nix
+++ b/hosts/fw.cloonar.com/modules/unbound.nix
@@ -4,7 +4,7 @@
     settings = {
       server = {
         interface = [ "127.0.0.1" "10.42.96.1" "10.42.97.1" "10.42.99.1" "10.42.254.1" ];
-        # tls-cert-bundle = "/var/lib/acme/fw.cloonar.com/fullchain.pem";
+        tls-cert-bundle = "/var/lib/acme/fw.cloonar.com/fullchain.pem";
         local-zone = "\"cloonar.com\" transparent";
         local-data = [
           "\"localhost A 127.0.0.1\""
@@ -120,7 +120,7 @@
     };
   };
 
-  security.acme.certs.fw = {
+  security.acme.certs."fw.cloonar.com" = {
     domain = "fw.cloonar.com";
     group = config.services.unbound.group;
   };