dasJ/acme.nix Secret

## acme.nix
{
  deployHook = ''
    needsUpdate() {
      [ -f "''${2}" ] || return 0
      [ "$(sha512sum "''${2}")" = "$(sha512sum "/var/lib/acme/live/''${1}/fullchain.pem")" ] || return 0
      return 1
    }
    ${concatStringsSep "\n" (attrValues cfg.hooks)}
  '';

  # Use like this:
  helsinki.acme.hooks.znc = ''
    mkdir -p /var/lib/secrets/znc

    if needsUpdate efcloud.co /var/lib/znc/znc.pem; then
      cat /var/lib/acme/live/efcloud.co/{fullchain,privkey}.pem /var/lib/secrets/znc/dhparam.pem > /var/lib/znc/znc.pem
      systemctl restart znc
    fi
  '';

}
	{
	deployHook = ''
	needsUpdate() {
	[ -f "''${2}" ] \|\| return 0
	[ "$(sha512sum "''${2}")" = "$(sha512sum "/var/lib/acme/live/''${1}/fullchain.pem")" ] \|\| return 0
	return 1
	}
	${concatStringsSep "\n" (attrValues cfg.hooks)}
	'';

	# Use like this:
	helsinki.acme.hooks.znc = ''
	mkdir -p /var/lib/secrets/znc

	if needsUpdate efcloud.co /var/lib/znc/znc.pem; then
	cat /var/lib/acme/live/efcloud.co/{fullchain,privkey}.pem /var/lib/secrets/znc/dhparam.pem > /var/lib/znc/znc.pem
	systemctl restart znc
	fi
	'';

	}