lgmrszd/nix-cfg
1
0
Fork 0
mirror of https://git.lgmrszd.xyz/Lgmrszd/nix-cfg.git synced 2024-11-22 03:07:56 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Simpler acme setup

Browse source
This commit is contained in:
Lgmrszd 2024-01-16 21:50:40 +03:00
parent 248d4825c4
commit fba9f555d3
No known key found for this signature in database
GPG key ID: 9396B8BA6FBB14DE
1 changed files with 7 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
hosts/vps1/configuration.nix
View file

@ -39,10 +39,15 @@ in
services.nginx = {
enable = true;
virtualHosts.${gtnhDomain} = {
virtualHosts.${rootDomain} = {
# addSSL = true;
forceSSL = true;
# enableACME = true;
default = true;
enableACME = true;
root = "/var/www/todo";
};
virtualHosts.${gtnhDomain} = {
forceSSL = true;
useACMEHost = "${rootDomain}";
root = "/var/www/gtnh";
};
@ -61,24 +66,12 @@ in
useACMEHost = "${rootDomain}";
root = "/var/www/todo";
};
virtualHosts."acmechallenge.${rootDomain}" = {
# Catchall vhost, will redirect users to HTTPS for all vhosts
serverAliases = [ "*.${rootDomain}" ];
locations."/.well-known/acme-challenge" = {
root = "/var/lib/acme/.challenges";
};
locations."/" = {
return = "301 https://$host$request_uri";
};
};
};
security.acme = {
acceptTerms = true;
defaults.email = "lgmrszd@disroot.org";
certs.${rootDomain} = {
group = "nginx";
webroot = "/var/lib/acme/.challenges";
extraDomainNames = [
gtnhDomain
akkoDomain