l websites: use lists in helpers

author: lassulus <lass@aidsballs.de> 2016-04-13 16:32:04 +0200
committer: lassulus <lass@aidsballs.de> 2016-04-13 16:32:04 +0200
commit: de6e888da9ed85ebbe35fa23569fbd8617734798 (patch)
tree: 255d8ab908096a56f0a492e8f400677576bcad32 /lass/4lib
parent: 4c4ac83e1fb21611e947c40d612d51bbab91257e (diff)
1 files changed, 13 insertions, 40 deletions
diff --git a/lass/4lib/default.nix b/lass/4lib/default.nix
index 22a8c3c6..7949154a 100644
--- a/lass/4lib/default.nix
+++ b/lass/4lib/default.nix
@@ -7,31 +7,6 @@ rec {
   getDefaultGateway = ip:
     concatStringsSep "." (take 3 (splitString "." ip) ++ ["1"]);
 
-  manageCert = domain:
-    {
-      security.acme = {
-        certs."${domain}" = {
-          email = "lassulus@gmail.com";
-          webroot = "/var/lib/acme/challenges/${domain}";
-          plugins = [
-            "account_key.json"
-            "key.pem"
-            "fullchain.pem"
-          ];
-          group = "nginx";
-          allowKeysForGroup = true;
-        };
-      };
-
-      krebs.nginx.servers."${domain}" = {
-        locations = [
-          (nameValuePair "/.well-known/acme-challenge" ''
-            root /var/lib/acme/challenges/${domain}/;
-          '')
-        ];
-      };
-    };
-
   manageCerts = domains:
     let
       domain = head domains;
@@ -60,11 +35,11 @@ rec {
       };
     };
 
-  ssl = domain:
+  ssl = domains:
     {
       imports = [
-        ( manageCert domain )
-        ( activateACME domain )
+        ( manageCerts domains )
+        ( activateACME (head domains) )
       ];
     };
 
@@ -79,13 +54,12 @@ rec {
       };
     };
 
-  servePage = domain:
-    {
+  servePage = domains:
+    let
+      domain = head domains;
+    in {
       krebs.nginx.servers."${domain}" = {
-        server-names = [
-          "${domain}"
-          "www.${domain}"
-        ];
+        server-names = domains;
         locations = [
           (nameValuePair "/" ''
             root /srv/http/${domain};
@@ -94,13 +68,12 @@ rec {
       };
     };
 
-  serveOwncloud = domain:
-    {
+  serveOwncloud = domains:
+    let
+      domain = head domains;
+    in {
       krebs.nginx.servers."${domain}" = {
-        server-names = [
-          "${domain}"
-          "www.${domain}"
-        ];
+        server-names = domains;
         extraConfig = ''
           # Add headers to serve security related headers
           add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
author	lassulus <lass@aidsballs.de>	2016-04-13 16:32:04 +0200
committer	lassulus <lass@aidsballs.de>	2016-04-13 16:32:04 +0200
commit	de6e888da9ed85ebbe35fa23569fbd8617734798 (patch)
tree	255d8ab908096a56f0a492e8f400677576bcad32 /lass/4lib
parent	4c4ac83e1fb21611e947c40d612d51bbab91257e (diff)