blob: 812093a7e7f64934ed66c6015bbf924cd238d344 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
{
networking.firewall.allowedTCPPorts = [ 80 443 ];
security.acme.acceptTerms = true;
security.acme.defaults.email = "spam@krebsco.de";
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedTlsSettings = true;
enableReload = true;
virtualHosts.default = {
default = true;
locations."= /etc/os-release".extraConfig = ''
default_type text/plain;
alias /etc/os-release;
'';
# needed for acmeFallback in sync-containers, or other machines not reachable globally
locations."~ ^/.well-known/acme-challenge/".root = "/var/lib/acme/acme-challenge";
};
};
}
|
