summary refs log tree commit diff stats
path: root/services
diff options
context:
space:
mode:
Diffstat (limited to 'services')
-rw-r--r--services/services/acme.nix23
1 files changed, 23 insertions, 0 deletions
diff --git a/services/services/acme.nix b/services/services/acme.nix
index 42f9ed5..7e39174 100644
--- a/services/services/acme.nix
+++ b/services/services/acme.nix
@@ -1,6 +1,29 @@
 {...}: {
+  users.users.nginx.extraGroups = ["acme"];
+
+  services.nginx = {
+    enable = true;
+    virtualHosts = {
+      "acmechallenge.vhack.eu" = {
+        serverAliases = ["*.vhack.eu"];
+        locations."/.well-known/acme-challenge" = {
+          root = "/var/lib/acme/.challenges";
+        };
+        locations."/" = {
+          return = "301 https://$host$request_uri";
+        };
+      };
+    };
+  };
+
   security.acme = {
     acceptTerms = true;
     defaults.email = "admin@vhack.eu";
+    certs = {
+      "server1.vhack.eu" = {
+        webroot = "/var/lib/acme/.challenges";
+        group = "nginx";
+      };
+    };
   };
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-29 11:58:08 +0000