Merge branch 'master' of prism:stockholm

author: makefu <github@syntax-fehler.de> 2017-12-18 21:24:28 +0100
committer: makefu <github@syntax-fehler.de> 2017-12-18 21:24:28 +0100
commit: af308642031f971bc30c5694385eb7af1e9ea618 (patch)
tree: 7e9e55f7d5de874a61a5d9294065a4f9749ee83e /lass/2configs/websites/lassulus.nix
parent: 4feafd70204f9c13500bd427d250fac60ca595ef (diff)
parent: 676c76dd8e0b5cbe3d1bdba49b21b1b5cfc578a1 (diff)
1 files changed, 7 insertions, 4 deletions
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 77f0c79e3..25ca1f455 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -153,15 +153,15 @@ in {
   };
 
   security.acme.certs."cgit.lassul.us" = {
-    email = "lassulus@gmail.com";
-    webroot = "/var/lib/acme/acme-challenges";
+    email = "lassulus@lassul.us";
+    webroot = "/var/lib/acme/acme-challenge";
     plugins = [
       "account_key.json"
-      "key.pem"
       "fullchain.pem"
+      "key.pem"
     ];
     group = "nginx";
-    allowKeysForGroup = true;
+    user = "nginx";
   };
 
 
@@ -170,6 +170,9 @@ in {
     addSSL = true;
     sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem";
     sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem";
+    locations."/.well-known/acme-challenge".extraConfig = ''
+      root /var/lib/acme/acme-challenge;
+    '';
   };
 
   users.users.blog = {
author	makefu <github@syntax-fehler.de>	2017-12-18 21:24:28 +0100
committer	makefu <github@syntax-fehler.de>	2017-12-18 21:24:28 +0100
commit	af308642031f971bc30c5694385eb7af1e9ea618 (patch)
tree	7e9e55f7d5de874a61a5d9294065a4f9749ee83e /lass/2configs/websites/lassulus.nix
parent	4feafd70204f9c13500bd427d250fac60ca595ef (diff)
parent	676c76dd8e0b5cbe3d1bdba49b21b1b5cfc578a1 (diff)