diff options
Diffstat (limited to '')
-rw-r--r-- | flake.nix | 1 | ||||
-rw-r--r-- | services/default.nix | 2 | ||||
-rw-r--r-- | services/services/acme.nix | 6 | ||||
-rw-r--r-- | services/services/nginx.nix | 15 |
4 files changed, 23 insertions, 1 deletions
diff --git a/flake.nix b/flake.nix index 2e52203..9df3c84 100644 --- a/flake.nix +++ b/flake.nix @@ -18,4 +18,3 @@ }; }; } - diff --git a/services/default.nix b/services/default.nix index 8029ee2..c301ba1 100644 --- a/services/default.nix +++ b/services/default.nix @@ -1,5 +1,7 @@ {config, ...}: { imports = [ + ./services/acme.nix + ./services/nginx.nix ./services/nix.nix ./services/opensshd.nix ./services/rust-motd.nix diff --git a/services/services/acme.nix b/services/services/acme.nix new file mode 100644 index 0000000..42f9ed5 --- /dev/null +++ b/services/services/acme.nix @@ -0,0 +1,6 @@ +{...}: { + security.acme = { + acceptTerms = true; + defaults.email = "admin@vhack.eu"; + }; +} diff --git a/services/services/nginx.nix b/services/services/nginx.nix new file mode 100644 index 0000000..204783b --- /dev/null +++ b/services/services/nginx.nix @@ -0,0 +1,15 @@ +{...}: { + networking.firewall = { + allowedTCPPorts = [80 443]; + }; + services.nginx = { + enable = true; + virtualHosts = { + "vhack.eu" = { + forceSSL = true; + enableACME = true; + root = "/srv/www/vhack.eu"; + }; + }; + }; +} |