From 820efecae8c72ee3f9c6f4981d43ce19fe660dc3 Mon Sep 17 00:00:00 2001
From: sils <sils@sils.li>
Date: Tue, 7 Mar 2023 19:40:49 +0100
Subject: Feat: Add mailserver

---
 services/services/acme.nix | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

(limited to 'services')

diff --git a/services/services/acme.nix b/services/services/acme.nix
index 42f9ed5..7e39174 100644
--- a/services/services/acme.nix
+++ b/services/services/acme.nix
@@ -1,6 +1,29 @@
 {...}: {
+  users.users.nginx.extraGroups = ["acme"];
+
+  services.nginx = {
+    enable = true;
+    virtualHosts = {
+      "acmechallenge.vhack.eu" = {
+        serverAliases = ["*.vhack.eu"];
+        locations."/.well-known/acme-challenge" = {
+          root = "/var/lib/acme/.challenges";
+        };
+        locations."/" = {
+          return = "301 https://$host$request_uri";
+        };
+      };
+    };
+  };
+
   security.acme = {
     acceptTerms = true;
     defaults.email = "admin@vhack.eu";
+    certs = {
+      "server1.vhack.eu" = {
+        webroot = "/var/lib/acme/.challenges";
+        group = "nginx";
+      };
+    };
   };
 }
-- 
cgit 1.4.1