diff options
author | nin <nineinchnade@gmail.com> | 2017-12-14 21:13:46 +0100 |
---|---|---|
committer | nin <nineinchnade@gmail.com> | 2017-12-14 21:13:46 +0100 |
commit | 37771ad34e18e0657636c8d0eb5b7392e3b89ba6 (patch) | |
tree | 8abda683b425494d2a273fc42d7573499b97a657 /lass/2configs/websites | |
parent | 7ed6fd18bb99884889a76ad9f597193861f44dc9 (diff) | |
parent | 04f7ae22d6d0720d06f78c712eb9cd245cefce82 (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/2configs/websites')
-rw-r--r-- | lass/2configs/websites/lassulus.nix | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 6e185a4d6..25ca1f455 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -147,12 +147,32 @@ in { in '' alias ${initscript}; ''; + locations."/pub".extraConfig = '' + alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey}; + ''; + }; + + security.acme.certs."cgit.lassul.us" = { + email = "lassulus@lassul.us"; + webroot = "/var/lib/acme/acme-challenge"; + plugins = [ + "account_key.json" + "fullchain.pem" + "key.pem" + ]; + group = "nginx"; + user = "nginx"; }; + services.nginx.virtualHosts.cgit = { serverName = "cgit.lassul.us"; addSSL = true; - enableACME = true; + sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem"; + locations."/.well-known/acme-challenge".extraConfig = '' + root /var/lib/acme/acme-challenge; + ''; }; users.users.blog = { |