From 0fb62fe4d86f3e140bd989d3a3aca2d76c395549 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Sun, 24 Jan 2016 12:10:16 +0100
Subject: simp_le test

---
 custom/simp_le.nix    | 18 ++++++++++++++++++
 custom/ymir-nginx.nix |  5 +++++
 2 files changed, 23 insertions(+)
 create mode 100644 custom/simp_le.nix

(limited to 'custom')

diff --git a/custom/simp_le.nix b/custom/simp_le.nix
new file mode 100644
index 00000000..ed85fc51
--- /dev/null
+++ b/custom/simp_le.nix
@@ -0,0 +1,18 @@
+{ stdenv, simp_le
+, util-linux
+}:
+dir:
+domain:
+
+let
+  script = bulitins.toFile "cert.sh" ''
+    cd $dir
+    ${simp_le}/bin/simp_le -d ${domain}:/srv/www/acme/${domain}/ \
+      --email "phikeebaogobaegh@141.li" \
+      -f account_key.json \
+      -f cert.pem \
+      -f fullchain.pem \
+      -f key.pem
+  '';
+in
+  "${stdenv}/bin/bash ${script} ${dir} ${domain} > ${util-linux}/bin/logger -p auth.info"
diff --git a/custom/ymir-nginx.nix b/custom/ymir-nginx.nix
index 32707ee6..4c3880ce 100644
--- a/custom/ymir-nginx.nix
+++ b/custom/ymir-nginx.nix
@@ -117,9 +117,14 @@ in {
 
       server {
         listen *:80;
+        listen *:443 ssl;
         listen [::]:80;
+        listen [::]:443 ssl;
         server_name git.yggdrasil.li www.git.yggdrasil.li;
 
+        ssl_certificate /etc/nginx/ssl/$server_name/fullchain.pem;
+        ssl_certificate_key /etc/nginx/ssl/$server_name/privkey.pem;
+
 	root ${pkgs.cgit}/cgit;
 
 	try_files $uri @cgit;
-- 
cgit v1.2.3