summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/pass.nix2
-rw-r--r--lass/2configs/websites/lassulus.nix32
2 files changed, 4 insertions, 30 deletions
diff --git a/lass/2configs/pass.nix b/lass/2configs/pass.nix
index 5bd2f2f7f..43eb0db9b 100644
--- a/lass/2configs/pass.nix
+++ b/lass/2configs/pass.nix
@@ -3,7 +3,7 @@
{
krebs.per-user.lass.packages = with pkgs; [
pass
- gnupg1
+ gnupg
];
}
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 17c39a5f4..77790e8b8 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -73,17 +73,6 @@ in {
allowKeysForGroup = true;
group = "lasscert";
};
- certs."cgit.lassul.us" = {
- email = "lassulus@gmail.com";
- webroot = "/var/lib/acme/acme-challenges";
- plugins = [
- "account_key.json"
- "key.pem"
- "fullchain.pem"
- ];
- group = "nginx";
- allowKeysForGroup = true;
- };
};
krebs.tinc_graphs.enable = true;
@@ -119,6 +108,7 @@ in {
];
services.nginx.virtualHosts."lassul.us" = {
+ addSSL = true;
enableACME = true;
serverAliases = [ "lassul.us" ];
locations."/".extraConfig = ''
@@ -158,30 +148,14 @@ in {
in ''
alias ${initscript};
'';
-
- enableSSL = true;
- extraConfig = ''
- listen 80;
- listen [::]:80;
- '';
- sslCertificate = "/var/lib/acme/lassul.us/fullchain.pem";
- sslCertificateKey = "/var/lib/acme/lassul.us/key.pem";
};
services.nginx.virtualHosts.cgit = {
+ addSSL = true;
+ enableACME = true;
serverAliases = [
"cgit.lassul.us"
];
- locations."/.well-known/acme-challenge".extraConfig = ''
- root /var/lib/acme/acme-challenges;
- '';
- enableSSL = true;
- extraConfig = ''
- listen 80;
- listen [::]:80;
- '';
- sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem";
- sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem";
};
users.users.blog = {