diff options
| author | Vincent Ambo <tazjin@google.com> | 2020-02-14T12·00+0000 |
|---|---|---|
| committer | Vincent Ambo <tazjin@google.com> | 2020-02-14T12·00+0000 |
| commit | 2fd6ec650b5cd3eb65f5f8d25c139490d477975b (patch) | |
| tree | b15a1e75dde73069a588349c92fc8c78e8768eb0 | |
| parent | bcc797fa2f820b2de9adad46e7e90bbf8f96460e (diff) | |
refactor(ops/nixos/camden): Merge ACME certificate blocks r/550
| -rw-r--r-- | ops/nixos/camden/default.nix | 18 |
1 files changed, 7 insertions, 11 deletions
diff --git a/ops/nixos/camden/default.nix b/ops/nixos/camden/default.nix index ad59bc0787..a8ac3612cb 100644 --- a/ops/nixos/camden/default.nix +++ b/ops/nixos/camden/default.nix @@ -145,16 +145,6 @@ in pkgs.lib.fix(self: { # Provision a TLS certificate outside of nginx to avoid # nixpkgs#38144 - security.acme.certs."camden.tazj.in" = { - user = "nginx"; - group = "nginx"; - webroot = "/var/lib/acme/acme-challenge"; - extraDomains = { - "git.camden.tazj.in" = null; - }; - postRun = "systemctl reload nginx"; - }; - security.acme.certs."tazj.in" = { user = "nginx"; group = "nginx"; @@ -162,6 +152,10 @@ in pkgs.lib.fix(self: { extraDomains = { "git.tazj.in" = null; "www.tazj.in" = null; + + # Local domains (for this machine only) + "camden.tazj.in" = null; + "git.camden.tazj.in" = null; }; postRun = "systemctl reload nginx"; }; @@ -193,7 +187,8 @@ in pkgs.lib.fix(self: { ''; virtualHosts.homepage = { - serverName = "tazj.in"; # TODO(tazjin): change to actual host later + serverName = "tazj.in"; + serverAliases = [ "camden.tazj.in" ]; default = true; useACMEHost = "tazj.in"; root = pkgs.web.homepage; @@ -224,6 +219,7 @@ in pkgs.lib.fix(self: { virtualHosts.cgit = { serverName = "git.tazj.in"; + serverAliases = [ "git.camden.tazj.in" ]; useACMEHost = "tazj.in"; addSSL = true; |