diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2020-03-22 23:12:57 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2020-03-22 23:12:57 +0100 |
commit | ce57c2564c5a90db71998ebeb7589df770e20751 (patch) | |
tree | 05bc8b0ec8df719d959e442c34a5e471bd573779 | |
parent | 5be46f445ba17a92cdda17c7c51de34befff7631 (diff) | |
download | nixos-ce57c2564c5a90db71998ebeb7589df770e20751.tar nixos-ce57c2564c5a90db71998ebeb7589df770e20751.tar.gz nixos-ce57c2564c5a90db71998ebeb7589df770e20751.tar.bz2 nixos-ce57c2564c5a90db71998ebeb7589df770e20751.tar.xz nixos-ce57c2564c5a90db71998ebeb7589df770e20751.zip |
...
-rw-r--r-- | ymir.nix | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -835,7 +835,6 @@ in rec { | |||
835 | security.wrappers = { "newgrp".source = "${pkgs.shadow}/bin/newgrp"; }; | 835 | security.wrappers = { "newgrp".source = "${pkgs.shadow}/bin/newgrp"; }; |
836 | 836 | ||
837 | security.acme = { | 837 | security.acme = { |
838 | acceptTerms = true; | ||
839 | certs = { | 838 | certs = { |
840 | "yggdrasil.li" = { | 839 | "yggdrasil.li" = { |
841 | allowKeysForGroup = true; | 840 | allowKeysForGroup = true; |
@@ -851,6 +850,11 @@ in rec { | |||
851 | }; | 850 | }; |
852 | 851 | ||
853 | systemd.services."acme-yggdrasil.li".requires = [ "nginx.service" ]; | 852 | systemd.services."acme-yggdrasil.li".requires = [ "nginx.service" ]; |
853 | systemd.services."acme-yggdrasil.li".preStart | ||
854 | = let mkDir = domain: '' | ||
855 | install -d -g ssl -o acme -m 2750 /srv/www/acme/${domain} | ||
856 | ''; | ||
857 | in concatStringsSep "\n" (map mkDir myDomains); | ||
854 | 858 | ||
855 | services.uucp = { | 859 | services.uucp = { |
856 | enable = true; | 860 | enable = true; |