simp_le test

author: Gregor Kleen <gkleen@yggdrasil.li> 2016-01-24 12:10:16 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2016-01-24 12:10:16 +0100
commit: 0fb62fe4d86f3e140bd989d3a3aca2d76c395549 (patch)
tree: 339f9af244b7ff5fb0ce0e315b4945833593f9b2 /custom
parent: 7b1c4e0c395f358cb9d4b6850af01cdd3e2a3a80 (diff)
download: nixos-0fb62fe4d86f3e140bd989d3a3aca2d76c395549.tar
nixos-0fb62fe4d86f3e140bd989d3a3aca2d76c395549.tar.gz
nixos-0fb62fe4d86f3e140bd989d3a3aca2d76c395549.tar.bz2
nixos-0fb62fe4d86f3e140bd989d3a3aca2d76c395549.tar.xz
nixos-0fb62fe4d86f3e140bd989d3a3aca2d76c395549.zip
2 files changed, 23 insertions, 0 deletions
diff --git a/custom/simp_le.nix b/custom/simp_le.nix
new file mode 100644
index 00000000..ed85fc51
--- /dev/null
+++ b/custom/simp_le.nix
@@ -0,0 +1,18 @@
+{ stdenv, simp_le
+, util-linux
+}:
+dir:
+domain:
+let
+  script = bulitins.toFile "cert.sh" ''
+    cd $dir
+    ${simp_le}/bin/simp_le -d ${domain}:/srv/www/acme/${domain}/ \
+      --email "phikeebaogobaegh@141.li" \
+      -f account_key.json \
+      -f cert.pem \
+      -f fullchain.pem \
+      -f key.pem
+  '';
+in
+  "${stdenv}/bin/bash ${script} ${dir} ${domain} > ${util-linux}/bin/logger -p auth.info"
diff --git a/custom/ymir-nginx.nix b/custom/ymir-nginx.nix
index 32707ee6..4c3880ce 100644
--- a/custom/ymir-nginx.nix
+++ b/custom/ymir-nginx.nix
@@ -117,9 +117,14 @@ in {
      server {
        listen *:80;
+        listen *:443 ssl;
        listen [::]:80;
+        listen [::]:443 ssl;
        server_name git.yggdrasil.li www.git.yggdrasil.li;
+        ssl_certificate /etc/nginx/ssl/$server_name/fullchain.pem;
+        ssl_certificate_key /etc/nginx/ssl/$server_name/privkey.pem;
        root ${pkgs.cgit}/cgit;
        try_files $uri @cgit;
author	Gregor Kleen <gkleen@yggdrasil.li>	2016-01-24 12:10:16 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2016-01-24 12:10:16 +0100
commit	0fb62fe4d86f3e140bd989d3a3aca2d76c395549 (patch)
tree	339f9af244b7ff5fb0ce0e315b4945833593f9b2 /custom
parent	7b1c4e0c395f358cb9d4b6850af01cdd3e2a3a80 (diff)
download	nixos-0fb62fe4d86f3e140bd989d3a3aca2d76c395549.tar nixos-0fb62fe4d86f3e140bd989d3a3aca2d76c395549.tar.gz nixos-0fb62fe4d86f3e140bd989d3a3aca2d76c395549.tar.bz2 nixos-0fb62fe4d86f3e140bd989d3a3aca2d76c395549.tar.xz nixos-0fb62fe4d86f3e140bd989d3a3aca2d76c395549.zip

diff --git a/custom/simp_le.nix b/custom/simp_le.nix new file mode 100644 index 00000000..ed85fc51 --- /dev/null +++ b/custom/simp_le.nix
@@ -0,0 +1,18 @@
		1	{ stdenv, simp_le
		2	, util-linux
		3	}:
		4	dir:
		5	domain:
		6
		7	let
		8	script = bulitins.toFile "cert.sh" ''
		9	cd $dir
		10	${simp_le}/bin/simp_le -d ${domain}:/srv/www/acme/${domain}/ \
		11	--email "phikeebaogobaegh@141.li" \
		12	-f account_key.json \
		13	-f cert.pem \
		14	-f fullchain.pem \
		15	-f key.pem
		16	'';
		17	in
		18	"${stdenv}/bin/bash ${script} ${dir} ${domain} > ${util-linux}/bin/logger -p auth.info"


diff --git a/custom/ymir-nginx.nix b/custom/ymir-nginx.nix index 32707ee6..4c3880ce 100644 --- a/custom/ymir-nginx.nix +++ b/custom/ymir-nginx.nix
@@ -117,9 +117,14 @@ in {
117		117
118	server {	118	server {
119	listen *:80;	119	listen *:80;
		120	listen *:443 ssl;
120	listen [::]:80;	121	listen [::]:80;
		122	listen [::]:443 ssl;
121	server_name git.yggdrasil.li www.git.yggdrasil.li;	123	server_name git.yggdrasil.li www.git.yggdrasil.li;
122		124
		125	ssl_certificate /etc/nginx/ssl/$server_name/fullchain.pem;
		126	ssl_certificate_key /etc/nginx/ssl/$server_name/privkey.pem;
		127
123	root ${pkgs.cgit}/cgit;	128	root ${pkgs.cgit}/cgit;
124		129
125	try_files $uri @cgit;	130	try_files $uri @cgit;