diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2016-01-24 11:38:32 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2016-01-24 11:38:32 +0100 |
commit | 0a49126bc3e2a2b2ef45f192a5a46c58ff1f01f2 (patch) | |
tree | d08aed158e84facb4ecce71500c1d1ffca9cb4f2 | |
parent | 7689ce8c7890eda81cae0a2aa2660c6c54c6ae96 (diff) | |
download | nixos-0a49126bc3e2a2b2ef45f192a5a46c58ff1f01f2.tar nixos-0a49126bc3e2a2b2ef45f192a5a46c58ff1f01f2.tar.gz nixos-0a49126bc3e2a2b2ef45f192a5a46c58ff1f01f2.tar.bz2 nixos-0a49126bc3e2a2b2ef45f192a5a46c58ff1f01f2.tar.xz nixos-0a49126bc3e2a2b2ef45f192a5a46c58ff1f01f2.zip |
acme-challenge
-rw-r--r-- | custom/ymir-nginx.nix | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/custom/ymir-nginx.nix b/custom/ymir-nginx.nix index 4e13e019..8750ac9f 100644 --- a/custom/ymir-nginx.nix +++ b/custom/ymir-nginx.nix | |||
@@ -18,10 +18,16 @@ let | |||
18 | ''; | 18 | ''; |
19 | 19 | ||
20 | favicon = builtins.toFile "favicon" '' | 20 | favicon = builtins.toFile "favicon" '' |
21 | location /favicon.ico { | 21 | location = /favicon.ico { |
22 | root /srv/www/praseodym.org; | 22 | root /srv/www/praseodym.org; |
23 | } | 23 | } |
24 | ''; | 24 | ''; |
25 | |||
26 | acme = builtins.toFile "acme" '' | ||
27 | location /.well-known/acme-challenge { | ||
28 | root /srv/www/acme/$hostname/.well-known/acme-challenge; | ||
29 | } | ||
30 | ''; | ||
25 | in { | 31 | in { |
26 | services.nginx = { | 32 | services.nginx = { |
27 | enable = true; | 33 | enable = true; |
@@ -76,6 +82,7 @@ in { | |||
76 | server_name dirty-haskell.org www.dirty-haskell.org; | 82 | server_name dirty-haskell.org www.dirty-haskell.org; |
77 | 83 | ||
78 | include ${favicon}; | 84 | include ${favicon}; |
85 | include ${acme}; | ||
79 | 86 | ||
80 | root /srv/www/dirty-haskell.org; | 87 | root /srv/www/dirty-haskell.org; |
81 | } | 88 | } |
@@ -86,6 +93,7 @@ in { | |||
86 | server_name dirty-haskell.org; | 93 | server_name dirty-haskell.org; |
87 | 94 | ||
88 | include ${favicon}; | 95 | include ${favicon}; |
96 | include ${acme}; | ||
89 | 97 | ||
90 | ssl_certificate /etc/nginx/ssl/dirty-haskell.org/fullchain.pem; | 98 | ssl_certificate /etc/nginx/ssl/dirty-haskell.org/fullchain.pem; |
91 | ssl_certificate_key /etc/nginx/ssl/dirty-haskell.org/privkey.pem; | 99 | ssl_certificate_key /etc/nginx/ssl/dirty-haskell.org/privkey.pem; |
@@ -99,6 +107,7 @@ in { | |||
99 | server_name www.dirty-haskell.org; | 107 | server_name www.dirty-haskell.org; |
100 | 108 | ||
101 | include ${favicon}; | 109 | include ${favicon}; |
110 | include ${acme}; | ||
102 | 111 | ||
103 | ssl_certificate /etc/nginx/ssl/www.dirty-haskell.org/fullchain.pem; | 112 | ssl_certificate /etc/nginx/ssl/www.dirty-haskell.org/fullchain.pem; |
104 | ssl_certificate_key /etc/nginx/ssl/www.dirty-haskell.org/privkey.pem; | 113 | ssl_certificate_key /etc/nginx/ssl/www.dirty-haskell.org/privkey.pem; |
@@ -116,6 +125,7 @@ in { | |||
116 | try_files $uri @cgit; | 125 | try_files $uri @cgit; |
117 | 126 | ||
118 | include ${favicon}; | 127 | include ${favicon}; |
128 | include ${acme}; | ||
119 | 129 | ||
120 | location @cgit { | 130 | location @cgit { |
121 | include ${uwsgi_params}; | 131 | include ${uwsgi_params}; |