ma bgt: enable acme with cloudflare

This commit is contained in:
makefu 2022-08-29 21:12:21 +02:00
parent aeb0c2a6ea
commit 2c417ec53d

View file

@ -59,6 +59,11 @@ in {
systemd.services.nginx.serviceConfig.ReadWritePaths = [
"/var/spool/nginx/logs/"
];
security.acme.certs."download.binaergewitter.de" = {
dnsProvider = "cloudflare";
credentialsFile = toString <secrets/lego-binaergewitter>;
webroot = lib.mkForce null;
};
services.nginx = {
appendHttpConfig = ''
@ -70,6 +75,8 @@ in {
recommendedGzipSettings = true;
recommendedOptimisation = true;
virtualHosts."download.binaergewitter.de" = {
enableSSL = true;
enableACME = true;
serverAliases = [ "dl2.binaergewitter.de" ];
root = "/var/www/binaergewitter";
extraConfig = ''