3 files changed, 20 insertions, 8 deletions

diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 5477a8b86..ed8c2995f 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -1,5 +1,7 @@
 { config, lib, pkgs, ... }:
 
+with config.krebs.lib;
+
 let
   ip = config.krebs.build.host.nets.internet.ip4.addr;
 
@@ -24,11 +26,22 @@ in {
     {
       imports = [
         ../2configs/git.nix
-        ( manageCerts [ "cgit.lassul.us" ])
-      ];
-      krebs.nginx.servers.cgit.server-names = [
-        "cgit.lassul.us"
       ];
+      krebs.nginx.servers.cgit = {
+        server-names = [
+          "cgit.lassul.us"
+        ];
+        locations = [
+          (nameValuePair "/.well-known/acme-challenge" ''
+            root /var/lib/acme/challenges/cgit.lassul.us/;
+          '')
+        ];
+        ssl = {
+          enable = true;
+          certificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem";
+          certificate_key = "/var/lib/acme/cgit.lassul.us/key.pem";
+        };
+      };
     }
     {
       users.extraGroups = {
@@ -189,7 +202,6 @@ in {
       lass.ejabberd = {
         enable = true;
         hosts = [ "lassul.us" ];
-        certfile = "/var/lib/acme/lassul.us/full.pem";
       };
       krebs.iptables.tables.filter.INPUT.rules = [
         { predicate = "-p tcp --dport xmpp-client"; target = "ACCEPT"; }
diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix
index 83553f5ca..6b56419d7 100644
--- a/lass/1systems/uriel.nix
+++ b/lass/1systems/uriel.nix
@@ -39,8 +39,8 @@ with builtins;
     #loader.grub.version = 2;
     #loader.grub.device = "/dev/sda";
 
-    loader.systemd-boot.enable = true;
-    loader.timeout = 5;
+    loader.gummiboot.enable = true;
+    loader.gummiboot.timeout = 5;
 
     initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
     initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
diff --git a/lass/5pkgs/q/default.nix b/lass/5pkgs/q/default.nix
index 644be0d17..571932b1d 100644
--- a/lass/5pkgs/q/default.nix
+++ b/lass/5pkgs/q/default.nix
@@ -123,7 +123,7 @@ let
   '';
 
   q-online = ''
-    if ${pkgs.curl.bin}/bin/curl -s google.com >/dev/null; then
+    if ${pkgs.curl}/bin/curl -s google.com >/dev/null; then
       echo 'online'
     else
       echo offline