diff options
author | makefu <github@syntax-fehler.de> | 2022-08-29 21:12:21 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2022-08-29 21:12:21 +0200 |
commit | 2c417ec53df0112d7e96f94c05be59ec95bfbbc5 (patch) | |
tree | 90582f9101a4ac9b989c4866982f398858220573 /2configs | |
parent | aeb0c2a6ea8a089482dc095a9b0b26bc4aeded4f (diff) |
ma bgt: enable acme with cloudflare
Diffstat (limited to '2configs')
-rw-r--r-- | 2configs/bgt/download.binaergewitter.de.nix | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/2configs/bgt/download.binaergewitter.de.nix b/2configs/bgt/download.binaergewitter.de.nix index 1cf21f213..85379e77b 100644 --- a/2configs/bgt/download.binaergewitter.de.nix +++ b/2configs/bgt/download.binaergewitter.de.nix @@ -59,6 +59,11 @@ in { systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/spool/nginx/logs/" ]; + security.acme.certs."download.binaergewitter.de" = { + dnsProvider = "cloudflare"; + credentialsFile = toString <secrets/lego-binaergewitter>; + webroot = lib.mkForce null; + }; services.nginx = { appendHttpConfig = '' @@ -70,6 +75,8 @@ in { recommendedGzipSettings = true; recommendedOptimisation = true; virtualHosts."download.binaergewitter.de" = { + enableSSL = true; + enableACME = true; serverAliases = [ "dl2.binaergewitter.de" ]; root = "/var/www/binaergewitter"; extraConfig = '' |