diff options
| author | Soispha <soispha@vhack.eu> | 2023-06-25 20:36:37 +0200 |
|---|---|---|
| committer | Soispha <soispha@vhack.eu> | 2023-06-25 20:52:33 +0200 |
| commit | 1f6ff65c9a51651a3bf428bf0d304976bc1c3d79 (patch) | |
| tree | 996b36f163fbadac2ef6c8131c416a37fdc1870a /system/services/acme | |
| parent | Fix(system/services/git-sync): Use correct systemd options (diff) | |
| download | nixos-server-1f6ff65c9a51651a3bf428bf0d304976bc1c3d79.zip | |
Fix(system/services/acme): Leave certs generation to nixos
Diffstat (limited to 'system/services/acme')
| -rw-r--r-- | system/services/acme/default.nix | 38 | ||||
| -rw-r--r-- | system/services/acme/domains.nix | bin | 130 -> 0 bytes |
2 files changed, 0 insertions, 38 deletions
diff --git a/system/services/acme/default.nix b/system/services/acme/default.nix deleted file mode 100644 index 0a0c4ce..0000000 --- a/system/services/acme/default.nix +++ /dev/null @@ -1,38 +0,0 @@ -{lib, ...}: let - domains = import ./domains.nix {}; - - virtualHosts = builtins.listToAttrs ( - builtins.map (domain_name: { - name = "acmechallenge.${domain_name}"; - value = { - serverAliases = ["*.${domain_name}"]; - locations."/.well-known/acme-challenge" = { - root = "/var/lib/acme/.challenges"; - }; - locations."/" = { - return = "301 https://$host$request_uri"; - }; - }; - }) - domains - ); - certs = lib.attrsets.genAttrs domains ( - domain_name: { - webroot = "/var/lib/acme/.challenges"; - group = "nginx"; - } - ); -in { - users.users.nginx.extraGroups = ["acme"]; - - services.nginx = { - enable = true; - inherit virtualHosts; - }; - - security.acme = { - acceptTerms = true; - defaults.email = "admin@vhack.eu"; - inherit certs; - }; -} diff --git a/system/services/acme/domains.nix b/system/services/acme/domains.nix Binary files differdeleted file mode 100644 index 8f0930d..0000000 --- a/system/services/acme/domains.nix +++ /dev/null |