makefu/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

ma bgt: enable acme with cloudflare

Browse source
This commit is contained in:
makefu 2022-08-29 21:12:21 +02:00
parent aeb0c2a6ea
commit 2c417ec53d
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
2configs/bgt/download.binaergewitter.de.nix
View file

@ -59,6 +59,11 @@ in {
systemd.services.nginx.serviceConfig.ReadWritePaths = [ systemd.services.nginx.serviceConfig.ReadWritePaths = [
"/var/spool/nginx/logs/" "/var/spool/nginx/logs/"
]; ];
security.acme.certs."download.binaergewitter.de" = {
dnsProvider = "cloudflare";
credentialsFile = toString <secrets/lego-binaergewitter>;
webroot = lib.mkForce null;
};
services.nginx = { services.nginx = {
appendHttpConfig = '' appendHttpConfig = ''
@ -70,6 +75,8 @@ in {
recommendedGzipSettings = true; recommendedGzipSettings = true;
recommendedOptimisation = true; recommendedOptimisation = true;
virtualHosts."download.binaergewitter.de" = { virtualHosts."download.binaergewitter.de" = {
enableSSL = true;
enableACME = true;
serverAliases = [ "dl2.binaergewitter.de" ]; serverAliases = [ "dl2.binaergewitter.de" ];
root = "/var/www/binaergewitter"; root = "/var/www/binaergewitter";
extraConfig = '' extraConfig = ''