diff options
Diffstat (limited to 'krebs/2configs/acme.nix')
-rw-r--r-- | krebs/2configs/acme.nix | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/krebs/2configs/acme.nix b/krebs/2configs/acme.nix index b5e51a1a2..056aa7ae4 100644 --- a/krebs/2configs/acme.nix +++ b/krebs/2configs/acme.nix @@ -7,15 +7,17 @@ in { email = "spam@krebsco.de"; certs.${domain}.server = "https://${domain}:1443/acme/acme/directory"; # use 1443 here cause bootstrapping loop }; + networking.firewall.allowedTCPPorts = [ 80 443 ]; services.nginx = { enable = true; recommendedProxySettings = true; virtualHosts.${domain} = { - forceSSL = true; + addSSL = true; enableACME = true; locations."/" = { proxyPass = "https://localhost:1443"; }; + locations."= /ca.crt".alias = ../6assets/krebsAcmeCA.crt; }; }; krebs.secret.files.krebsAcme = { |