summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2017-10-03 23:51:11 +0200
committerlassulus <lassulus@lassul.us>2017-10-03 23:51:11 +0200
commit3be76df6c9ea70c56eee66935476bd4738912171 (patch)
tree3ba74664f5e8f0ba7e8db0bddbf79904644a89f5
parent6179ec63628b21905393c7deb15d6e9b272756a4 (diff)
l websites lass: use addSSL
-rw-r--r--lass/2configs/websites/lassulus.nix32
1 files changed, 3 insertions, 29 deletions
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 17c39a5f4..77790e8b8 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -73,17 +73,6 @@ in {
allowKeysForGroup = true;
group = "lasscert";
};
- certs."cgit.lassul.us" = {
- email = "lassulus@gmail.com";
- webroot = "/var/lib/acme/acme-challenges";
- plugins = [
- "account_key.json"
- "key.pem"
- "fullchain.pem"
- ];
- group = "nginx";
- allowKeysForGroup = true;
- };
};
krebs.tinc_graphs.enable = true;
@@ -119,6 +108,7 @@ in {
];
services.nginx.virtualHosts."lassul.us" = {
+ addSSL = true;
enableACME = true;
serverAliases = [ "lassul.us" ];
locations."/".extraConfig = ''
@@ -158,30 +148,14 @@ in {
in ''
alias ${initscript};
'';
-
- enableSSL = true;
- extraConfig = ''
- listen 80;
- listen [::]:80;
- '';
- sslCertificate = "/var/lib/acme/lassul.us/fullchain.pem";
- sslCertificateKey = "/var/lib/acme/lassul.us/key.pem";
};
services.nginx.virtualHosts.cgit = {
+ addSSL = true;
+ enableACME = true;
serverAliases = [
"cgit.lassul.us"
];
- locations."/.well-known/acme-challenge".extraConfig = ''
- root /var/lib/acme/acme-challenges;
- '';
- enableSSL = true;
- extraConfig = ''
- listen 80;
- listen [::]:80;
- '';
- sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem";
- sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem";
};
users.users.blog = {