summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--flake.nix1
-rw-r--r--services/default.nix2
-rw-r--r--services/services/acme.nix6
-rw-r--r--services/services/nginx.nix15
4 files changed, 23 insertions, 1 deletions
diff --git a/flake.nix b/flake.nix
index 2e52203..9df3c84 100644
--- a/flake.nix
+++ b/flake.nix
@@ -18,4 +18,3 @@
};
};
}
-
diff --git a/services/default.nix b/services/default.nix
index 8029ee2..c301ba1 100644
--- a/services/default.nix
+++ b/services/default.nix
@@ -1,5 +1,7 @@
{config, ...}: {
imports = [
+ ./services/acme.nix
+ ./services/nginx.nix
./services/nix.nix
./services/opensshd.nix
./services/rust-motd.nix
diff --git a/services/services/acme.nix b/services/services/acme.nix
new file mode 100644
index 0000000..42f9ed5
--- /dev/null
+++ b/services/services/acme.nix
@@ -0,0 +1,6 @@
+{...}: {
+ security.acme = {
+ acceptTerms = true;
+ defaults.email = "admin@vhack.eu";
+ };
+}
diff --git a/services/services/nginx.nix b/services/services/nginx.nix
new file mode 100644
index 0000000..204783b
--- /dev/null
+++ b/services/services/nginx.nix
@@ -0,0 +1,15 @@
+{...}: {
+ networking.firewall = {
+ allowedTCPPorts = [80 443];
+ };
+ services.nginx = {
+ enable = true;
+ virtualHosts = {
+ "vhack.eu" = {
+ forceSSL = true;
+ enableACME = true;
+ root = "/srv/www/vhack.eu";
+ };
+ };
+ };
+}
generated by cgit v1.3.1 (git 2.54.0) at 2026-05-31 15:57:30 +0000