diff options
author | tv <tv@krebsco.de> | 2017-11-28 19:06:54 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2017-11-28 19:06:54 +0100 |
commit | 05bc20b893ff6d441d7e8e10802134d2192e724a (patch) | |
tree | 1c34434d71eb2e3e3ced9ade09ee4b5879cc63cd /lass/2configs/websites/lassulus.nix | |
parent | 5163d8eba27976ccccf7703b52eb1b8f4c0295af (diff) | |
parent | 10a96c644898d9498e9f75fa543ebb395ffbca20 (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/2configs/websites/lassulus.nix')
-rw-r--r-- | lass/2configs/websites/lassulus.nix | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 6e185a4d6..77f0c79e3 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -147,12 +147,29 @@ in { in '' alias ${initscript}; ''; + locations."/pub".extraConfig = '' + alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey}; + ''; + }; + + security.acme.certs."cgit.lassul.us" = { + email = "lassulus@gmail.com"; + webroot = "/var/lib/acme/acme-challenges"; + plugins = [ + "account_key.json" + "key.pem" + "fullchain.pem" + ]; + group = "nginx"; + allowKeysForGroup = true; }; + services.nginx.virtualHosts.cgit = { serverName = "cgit.lassul.us"; addSSL = true; - enableACME = true; + sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem"; }; users.users.blog = { |