l 2 websites util: disable deprecated ssl stuff

2016-11-25 00:00:50 +01:00 · 2016-11-25 00:00:50 +01:00 · ab684bf6d8
parent e5270a2405
commit ab684bf6d8
1 changed files with 21 additions and 20 deletions
--- a/lass/2configs/websites/util.nix
+++ b/lass/2configs/websites/util.nix
@ -8,28 +8,29 @@ rec {
    let
      domain = head domains;
    in {
-      security.acme = {
-        certs."${domain}" = {
-          email = "lassulus@gmail.com";
-          webroot = "/var/lib/acme/challenges/${domain}";
-          plugins = [
-            "account_key.json"
-            "key.pem"
-            "fullchain.pem"
-          ];
-          group = "nginx";
-          allowKeysForGroup = true;
-          extraDomains = genAttrs domains (_: null);
-        };
-      };
+      #security.acme = {
+      #  certs."${domain}" = {
+      #    email = "lassulus@gmail.com";
+      #    webroot = "/var/lib/acme/challenges/${domain}";
+      #    plugins = [
+      #      "account_key.json"
+      #      "key.pem"
+      #      "fullchain.pem"
+      #    ];
+      #    group = "nginx";
+      #    allowKeysForGroup = true;
+      #    extraDomains = genAttrs domains (_: null);
+      #  };
+      #};

      krebs.nginx.servers."${domain}" = {
+        ssl.acmeEnable = true;
        server-names = domains;
-        locations = [
-          (nameValuePair "/.well-known/acme-challenge" ''
-            root /var/lib/acme/challenges/${domain}/;
-          '')
-        ];
+        #locations = [
+        #  (nameValuePair "/.well-known/acme-challenge" ''
+        #    root /var/lib/acme/challenges/${domain}/;
+        #  '')
+        #];
      };
    };

@ -37,7 +38,7 @@ rec {
    {
      imports = [
        ( manageCerts domains )
-        ( activateACME (head domains) )
+        #( activateACME (head domains) )
      ];
    };