summaryrefslogtreecommitdiffstats
path: root/lass/1systems/prism.nix
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2016-07-09 13:11:05 +0200
committertv <tv@krebsco.de>2016-07-09 13:11:05 +0200
commit91ccc70745c232834f180e3b1cfff571cd04b267 (patch)
tree02c3d5b08771493297e8cad9665ccd13e4f785de /lass/1systems/prism.nix
parentdd9dbb3a896d1a0f610d60509a6d02f1737bc74b (diff)
parentec183d5531455d60b4c2423d657963b496e47b4b (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/1systems/prism.nix')
-rw-r--r--lass/1systems/prism.nix27
1 files changed, 22 insertions, 5 deletions
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 5477a8b86..270bb6fc2 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -1,5 +1,7 @@
{ config, lib, pkgs, ... }:
+with config.krebs.lib;
+
let
ip = config.krebs.build.host.nets.internet.ip4.addr;
@@ -24,11 +26,22 @@ in {
{
imports = [
../2configs/git.nix
- ( manageCerts [ "cgit.lassul.us" ])
- ];
- krebs.nginx.servers.cgit.server-names = [
- "cgit.lassul.us"
];
+ krebs.nginx.servers.cgit = {
+ server-names = [
+ "cgit.lassul.us"
+ ];
+ locations = [
+ (nameValuePair "/.well-known/acme-challenge" ''
+ root /var/lib/acme/challenges/cgit.lassul.us/;
+ '')
+ ];
+ ssl = {
+ enable = true;
+ certificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem";
+ certificate_key = "/var/lib/acme/cgit.lassul.us/key.pem";
+ };
+ };
}
{
users.extraGroups = {
@@ -189,7 +202,6 @@ in {
lass.ejabberd = {
enable = true;
hosts = [ "lassul.us" ];
- certfile = "/var/lib/acme/lassul.us/full.pem";
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport xmpp-client"; target = "ACCEPT"; }
@@ -206,6 +218,11 @@ in {
'')
];
}
+ {
+ environment.systemPackages = with pkgs; [
+ mk_sql_pair
+ ];
+ }
];
krebs.build.host = config.krebs.hosts.prism;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-05 03:00:46 +0000