From f4f1d97052199143660508e0cf56aa3aef8e02d9 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Thu, 17 Feb 2022 20:33:08 +0300 Subject: refactor(ops/modules): Move ACME base configuration into base.nix This needs to be present on all machines that run ACME stuff. I've switched the address for a .su one because I have a catchall for these. Change-Id: I7af8e1f1cb2fcfbcba4b7d1930ed0edef0106d72 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5306 Autosubmit: tazjin Tested-by: BuildkiteCI Reviewed-by: sterni --- ops/machines/whitby/default.nix | 5 ----- ops/modules/www/base.nix | 5 +++++ 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index e9ec50da13d0..61f44a5ec41a 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -651,10 +651,5 @@ in }; }; - security.acme = { - acceptTerms = true; - defaults.email = "certs@tvl.fyi"; - }; - system.stateVersion = "20.03"; } diff --git a/ops/modules/www/base.nix b/ops/modules/www/base.nix index fbf0514161ab..375c1a6b76a4 100644 --- a/ops/modules/www/base.nix +++ b/ops/modules/www/base.nix @@ -2,6 +2,11 @@ { config = { + security.acme = { + acceptTerms = true; + defaults.email = "letsencrypt@tvl.su"; + }; + services.nginx = { enable = true; enableReload = true; -- cgit 1.4.1