From bfd75eb50477aaf2adcab8742e6eabd705abde05 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 12 Nov 2017 13:22:34 +0100
Subject: l lassul.us: add /pub

---
 lass/2configs/websites/lassulus.nix | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'lass/2configs/websites/lassulus.nix')

diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 6e185a4d6..1eca2efd7 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -147,6 +147,9 @@ in {
     in ''
       alias ${initscript};
     '';
+    locations."/pub".extraConfig = ''
+      alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey};
+    '';
   };
 
   services.nginx.virtualHosts.cgit = {
-- 
cgit v1.2.3


From aac78c4822aec5c017fb3d072d09e7de64cd15ef Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 12 Nov 2017 13:23:06 +0100
Subject: l cgit.lassul.us: fix acme

---
 lass/2configs/websites/lassulus.nix | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'lass/2configs/websites/lassulus.nix')

diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 1eca2efd7..77f0c79e3 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -152,10 +152,24 @@ in {
     '';
   };
 
+  security.acme.certs."cgit.lassul.us" = {
+    email = "lassulus@gmail.com";
+    webroot = "/var/lib/acme/acme-challenges";
+    plugins = [
+      "account_key.json"
+      "key.pem"
+      "fullchain.pem"
+    ];
+    group = "nginx";
+    allowKeysForGroup = true;
+  };
+
+
   services.nginx.virtualHosts.cgit = {
     serverName = "cgit.lassul.us";
     addSSL = true;
-    enableACME = true;
+    sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem";
+    sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem";
   };
 
   users.users.blog = {
-- 
cgit v1.2.3