From 5a6a49ab5b5dc1d0adcc714cebeb90041d70e2dd Mon Sep 17 00:00:00 2001
From: Haonan Chen <chn@chn.moe>
Date: Mon, 15 Dec 2025 10:19:16 +0800
Subject: [PATCH] modules.services.acme: fix

---
 modules/services/acme.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/modules/services/acme.nix b/modules/services/acme.nix
index d1b669b1..a285525a 100644
--- a/modules/services/acme.nix
+++ b/modules/services/acme.nix
@@ -27,6 +27,7 @@ inputs:
         email = "chn@chn.moe";
         dnsProvider = "cloudflare";
         dnsResolver = "1.1.1.1";
+        dnsPropagationCheck = false;
       };
       certs = builtins.listToAttrs (builtins.map
         (cert:
@@ -34,7 +35,7 @@ inputs:
           name = builtins.elemAt cert.value.domains 0;
           value =
           {
-            credentialsFile = inputs.config.nixos.system.sops.templates."acme/cloudflare.ini".path;
+            environmentFile = inputs.config.nixos.system.sops.templates."acme/cloudflare.ini".path;
             extraDomainNames = builtins.tail cert.value.domains;
             group = inputs.lib.mkIf (cert.value.group != null) cert.value.group;
           };
@@ -47,6 +48,7 @@ inputs:
       ''
         CLOUDFLARE_DNS_API_TOKEN=${inputs.config.nixos.system.sops.placeholder."acme/token"}
         CLOUDFLARE_PROPAGATION_TIMEOUT=300
+        LEGO_DISABLE_CNAME_SUPPORT=true
       '';
       secrets."acme/token" = {};
     };