From 42570ce38245e34508dddae4bcf6a46a64ab1d4b Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Tue, 26 Apr 2016 15:30:38 +0200 Subject: streamlined nginx config --- custom/ymir-nginx.nix | 40 ++++++++-------------------------------- 1 file changed, 8 insertions(+), 32 deletions(-) diff --git a/custom/ymir-nginx.nix b/custom/ymir-nginx.nix index 0506b5c7..bc1a4d1f 100644 --- a/custom/ymir-nginx.nix +++ b/custom/ymir-nginx.nix @@ -19,7 +19,7 @@ let favicon = builtins.toFile "favicon" '' location = /favicon.ico { - root /srv/www/praseodym.org; + root /srv/www/default; } ''; @@ -28,11 +28,6 @@ let root /srv/www/acme/$host/; } ''; - - ssl = builtins.toFile "ssl" '' - ssl_certificate /var/lib/acme/yggdrasil.li/fullchain.pem; - ssl_certificate_key /var/lib/acme/yggdrasil.li/key.pem; - ''; in { services.nginx = { enable = true; @@ -78,52 +73,33 @@ in { ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_dhparam /etc/ssl/dhparam.pem; + + ssl_certificate /var/lib/acme/yggdrasil.li/fullchain.pem; + ssl_certificate_key /var/lib/acme/yggdrasil.li/key.pem; server { listen *:80; listen [::]:80; + listen *:443 ssl; + listen [::]:443 ssl; server_name _; include ${favicon}; include ${acme}; - root /srv/www/praseodym.org; + root /srv/www/default; } server { listen *:80; listen [::]:80; - server_name dirty-haskell.org www.dirty-haskell.org; - - include ${favicon}; - include ${acme}; - - root /srv/www/dirty-haskell.org; - } - - server { - listen *:443 ssl; - listen [::]:443 ssl; - server_name dirty-haskell.org; - - include ${favicon}; - include ${acme}; - - include ${ssl}; - - root /srv/www/dirty-haskell.org; - } - - server { listen *:443 ssl; listen [::]:443 ssl; - server_name www.dirty-haskell.org; + server_name dirty-haskell.org www.dirty-haskell.org; include ${favicon}; include ${acme}; - include ${ssl}; - root /srv/www/dirty-haskell.org; } -- cgit v1.2.3