Extend the declarative edge certificate config with HTTP, DNS, mixed, and split challenge modes. Wire DNS provider settings through host config into lego, render split certificates correctly in HAProxy, and cover the behaviour with Scheme tests.

Remove certificate email from Legion host config parsing, node edge certificate construction, CI fixtures, and examples. Lego still omits --email when no certificate email is configured.

Remove the guix-tribes sync-overlap-seconds service field and host JSON key so deployments use the Tribes release default instead of carrying a second drift-prone default.
This also removes the example and CI substitute configuration override for TRIBES_SYNC_OVERLAP_SECONDS.

Import the lego service module in the example system and replace shell rm/mkdir calls with Guix filesystem helpers in runtime code and tests so builds do not depend on PATH inside the Guix builder environment.

All top-level forms in a define-module run at load time. Guard the
system build behind an (if host-config-path ...) so Guix can scan
the load path without erroring when the config is absent.

Dotted-pair alist syntax like (name . "aether") inside a gexp is
evaluated as a procedure call, causing a syntax error at build time.
Use (cons 'key value) instead to produce the same alist structure
as proper expressions.