From 884deba3af5ea64d9e13ebe5254e48d04e0996c8 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Wed, 13 Apr 2016 13:07:28 +0200 Subject: Serving ssl certs created by letsencrypt --- custom/ymir-nginx.nix | 12 ++++++------ ymir.nix | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/custom/ymir-nginx.nix b/custom/ymir-nginx.nix index a130bcd1..54b0084f 100644 --- a/custom/ymir-nginx.nix +++ b/custom/ymir-nginx.nix @@ -104,8 +104,8 @@ in { include ${favicon}; include ${acme}; - ssl_certificate /etc/nginx/ssl/dirty-haskell.org/fullchain.pem; - ssl_certificate_key /etc/nginx/ssl/dirty-haskell.org/privkey.pem; + ssl_certificate /etc/ssl/self/dirty-haskell.org/fullchain.pem; + ssl_certificate_key /etc/ssl/self/dirty-haskell.org/privkey.pem; root /srv/www/dirty-haskell.org; } @@ -118,8 +118,8 @@ in { include ${favicon}; include ${acme}; - ssl_certificate /etc/nginx/ssl/www.dirty-haskell.org/fullchain.pem; - ssl_certificate_key /etc/nginx/ssl/www.dirty-haskell.org/privkey.pem; + ssl_certificate /etc/ssl/self/www.dirty-haskell.org/fullchain.pem; + ssl_certificate_key /etc/ssl/self/www.dirty-haskell.org/privkey.pem; root /srv/www/dirty-haskell.org; } @@ -129,8 +129,8 @@ in { listen *:443 ssl; listen [::]:80; listen [::]:443 ssl; - ssl_certificate /etc/nginx/ssl/git.yggdrasil.li/fullchain.pem; - ssl_certificate_key /etc/nginx/ssl/git.yggdrasil.li/key.pem; + ssl_certificate /etc/ssl/self/git.yggdrasil.li/fullchain.pem; + ssl_certificate_key /etc/ssl/self/git.yggdrasil.li/key.pem; server_name git.yggdrasil.li; root ${pkgs.cgit}/cgit; diff --git a/ymir.nix b/ymir.nix index f7308906..99f473fb 100644 --- a/ymir.nix +++ b/ymir.nix @@ -9,8 +9,8 @@ let enabled = true; domain = name; ssl = { - key = "ssl/${name}/key.pem"; - cert = "ssl/${name}/fullchain.pem"; + key = "/etc/ssl/self/${name}/key.pem"; + cert = "/etc/ssl/self/${name}/fullchain.pem"; }; }; simp_le = pkgs.callPackage ./custom/simp_le.nix {}; -- cgit v1.2.3