From 312077240a8b3f3e88240a06445f73aa7dcf33f2 Mon Sep 17 00:00:00 2001
From: Inex Code <inex.code@selfprivacy.org>
Date: Fri, 28 Jul 2023 03:00:17 +0300
Subject: [PATCH] fix(acme): add dns propagation check exceptions

---
 letsencrypt/acme.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/letsencrypt/acme.nix b/letsencrypt/acme.nix
index 9ad69ca..b01b6f2 100644
--- a/letsencrypt/acme.nix
+++ b/letsencrypt/acme.nix
@@ -13,6 +13,7 @@ let
   dnsCredentialsTemplate = dnsCredentialsTemplates.${cfg.dns.provider};
   acme-env-filepath = "/var/lib/selfprivacy/acme-env";
   secrets-filepath = "/etc/selfprivacy/secrets.json";
+  dnsPropagationCheckExceptions = [ "DIGITALOCEAN" ];
 in
 {
   users.groups.acmereceivers.members = [ "nginx" ];
@@ -21,7 +22,8 @@ in
     defaults = {
       email = "${cfg.username}@${cfg.domain}";
       server = if cfg.dns.useStagingACME then "https://acme-staging-v02.api.letsencrypt.org/directory" else "https://acme-v02.api.letsencrypt.org/directory";
-      dnsPropagationCheck = false;
+      dnsPropagationCheck =
+        ! (lib.elem cfg.dns.provider dnsPropagationCheckExceptions);
       reloadServices = [ "nginx" ];
     };
     certs = lib.mkForce {