From 2fd6ec650b5cd3eb65f5f8d25c139490d477975b Mon Sep 17 00:00:00 2001
From: Vincent Ambo <tazjin@google.com>
Date: Fri, 14 Feb 2020 12:00:12 +0000
Subject: refactor(ops/nixos/camden): Merge ACME certificate blocks

---
 ops/nixos/camden/default.nix | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/ops/nixos/camden/default.nix b/ops/nixos/camden/default.nix
index ad59bc0787..a8ac3612cb 100644
--- a/ops/nixos/camden/default.nix
+++ b/ops/nixos/camden/default.nix
@@ -145,16 +145,6 @@ in pkgs.lib.fix(self: {
 
   # Provision a TLS certificate outside of nginx to avoid
   # nixpkgs#38144
-  security.acme.certs."camden.tazj.in" = {
-    user = "nginx";
-    group = "nginx";
-    webroot = "/var/lib/acme/acme-challenge";
-    extraDomains = {
-      "git.camden.tazj.in" = null;
-    };
-    postRun = "systemctl reload nginx";
-  };
-
   security.acme.certs."tazj.in" = {
     user = "nginx";
     group = "nginx";
@@ -162,6 +152,10 @@ in pkgs.lib.fix(self: {
     extraDomains = {
       "git.tazj.in" = null;
       "www.tazj.in" = null;
+
+      # Local domains (for this machine only)
+      "camden.tazj.in" = null;
+      "git.camden.tazj.in" = null;
     };
     postRun = "systemctl reload nginx";
   };
@@ -193,7 +187,8 @@ in pkgs.lib.fix(self: {
     '';
 
     virtualHosts.homepage = {
-      serverName = "tazj.in"; # TODO(tazjin): change to actual host later
+      serverName = "tazj.in";
+      serverAliases = [ "camden.tazj.in" ];
       default = true;
       useACMEHost = "tazj.in";
       root = pkgs.web.homepage;
@@ -224,6 +219,7 @@ in pkgs.lib.fix(self: {
 
     virtualHosts.cgit = {
       serverName = "git.tazj.in";
+      serverAliases = [ "git.camden.tazj.in" ];
       useACMEHost = "tazj.in";
       addSSL = true;
 
-- 
cgit 1.4.1