diff options
author | sils <sils@sils.li> | 2023-03-07 19:40:49 +0100 |
---|---|---|
committer | sils <sils@sils.li> | 2023-03-07 19:48:12 +0100 |
commit | 820efecae8c72ee3f9c6f4981d43ce19fe660dc3 (patch) | |
tree | 9ca75dc7baebad7cf9eab78b28072d18ebaed311 /services/services/acme.nix | |
parent | Feat: Add Website (diff) | |
download | nixos-server-820efecae8c72ee3f9c6f4981d43ce19fe660dc3.tar.gz nixos-server-820efecae8c72ee3f9c6f4981d43ce19fe660dc3.zip |
Feat: Add mailserver
Diffstat (limited to '')
-rw-r--r-- | services/services/acme.nix | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/services/services/acme.nix b/services/services/acme.nix index 42f9ed5..7e39174 100644 --- a/services/services/acme.nix +++ b/services/services/acme.nix @@ -1,6 +1,29 @@ {...}: { + users.users.nginx.extraGroups = ["acme"]; + + services.nginx = { + enable = true; + virtualHosts = { + "acmechallenge.vhack.eu" = { + serverAliases = ["*.vhack.eu"]; + locations."/.well-known/acme-challenge" = { + root = "/var/lib/acme/.challenges"; + }; + locations."/" = { + return = "301 https://$host$request_uri"; + }; + }; + }; + }; + security.acme = { acceptTerms = true; defaults.email = "admin@vhack.eu"; + certs = { + "server1.vhack.eu" = { + webroot = "/var/lib/acme/.challenges"; + group = "nginx"; + }; + }; }; } |