From 13486879b764092d0004464510615ffa1f8152a2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 7 Jul 2016 23:07:22 +0200 Subject: l 1 prism: fix ssl for cgit.lassul.us --- lass/1systems/prism.nix | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 5477a8b86..1eb81cd0a 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -1,5 +1,7 @@ { config, lib, pkgs, ... }: +with config.krebs.lib; + let ip = config.krebs.build.host.nets.internet.ip4.addr; @@ -24,11 +26,22 @@ in { { imports = [ ../2configs/git.nix - ( manageCerts [ "cgit.lassul.us" ]) - ]; - krebs.nginx.servers.cgit.server-names = [ - "cgit.lassul.us" ]; + krebs.nginx.servers.cgit = { + server-names = [ + "cgit.lassul.us" + ]; + locations = [ + (nameValuePair "/.well-known/acme-challenge" '' + root /var/lib/acme/challenges/cgit.lassul.us/; + '') + ]; + ssl = { + enable = true; + certificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; + certificate_key = "/var/lib/acme/cgit.lassul.us/key.pem"; + }; + }; } { users.extraGroups = { -- cgit v1.2.3