fix(deertopia): Persist SSL certs

modules/nixos/deertopia/authelia.nix

@@ -132,18 +132,21 @@ in {
          };
        };
 
-       sydnix.deertopia.nginx.vhosts."auth".vhost = {
-         forceSSL = true;
-         enableACME = true;
-         extraConfig = ''
-           set $upstream http://127.0.0.1:${builtins.toString cfg.httpPort};
-         '';
-         locations."/".extraConfig = ''
-           include ${./authelia/proxy.conf};
-           proxy_pass $upstream;
-         '';
-         locations."/api/verify".proxyPass = "$upstream";
-         locations."/api/authz".proxyPass = "$upstream";
+       sydnix.deertopia.nginx.vhosts."auth" = {
+         directory = null;
+         vhost = {
+           forceSSL = true;
+           enableACME = true;
+           extraConfig = ''
+             set $upstream http://127.0.0.1:${builtins.toString cfg.httpPort};
+           '';
+           locations."/".extraConfig = ''
+             include ${./authelia/proxy.conf};
+             proxy_pass $upstream;
+           '';
+           locations."/api/verify".proxyPass = "$upstream";
+           locations."/api/authz".proxyPass = "$upstream";
+         };
        };
 
        # TODO: Remove this.  It's only used for a quick demo for myself.  The

modules/nixos/deertopia/nginx.nix

@@ -71,7 +71,7 @@ in
     services.nginx.enable = true;
 
     networking.firewall.allowedTCPPorts = [
-      80  # HTTP
+      80 # HTTP
       443 # HTTPS
     ];
 
@@ -85,6 +85,11 @@ in
       defaults.email = "lomiskiam@gmail.com";
     };
 
+    sydnix.impermanence.directories = [
+      # Don't regenerate certs on reboot.
+      "/var/lib/acme"
+    ];
+
     services.nginx.virtualHosts =
       builtins.listToAttrs
         (builtins.map