fix(deertopia): Persist SSL certs

modules/nixos/deertopia/authelia.nix

@@ -132,7 +132,9 @@ in {
          };
        };
 
-       sydnix.deertopia.nginx.vhosts."auth".vhost = {
+       sydnix.deertopia.nginx.vhosts."auth" = {
+         directory = null;
+         vhost = {
            forceSSL = true;
            enableACME = true;
            extraConfig = ''
@@ -145,6 +147,7 @@ in {
            locations."/api/verify".proxyPass = "$upstream";
            locations."/api/authz".proxyPass = "$upstream";
          };
+       };
 
        # TODO: Remove this.  It's only used for a quick demo for myself.  The
        # domain choice is arbitrary.  It's just one I happen to have set up.

modules/nixos/deertopia/nginx.nix

@@ -85,6 +85,11 @@ in
       defaults.email = "lomiskiam@gmail.com";
     };
 
+    sydnix.impermanence.directories = [
+      # Don't regenerate certs on reboot.
+      "/var/lib/acme"
+    ];
+
     services.nginx.virtualHosts =
       builtins.listToAttrs
         (builtins.map