Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ponte: use DNS-01 challenge

Browse Source
This commit is contained in:
tv 2023-08-01 17:29:42 +02:00
parent 068fbd7912
commit 73a64cc57a
1 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
krebs/1systems/ponte/config.nix
View File

@ -31,8 +31,23 @@
krebs.pages.enable = true; krebs.pages.enable = true;
krebs.pages.nginx.addSSL = true; krebs.pages.nginx.addSSL = true;
krebs.pages.nginx.enableACME = true; krebs.pages.nginx.useACMEHost = "krebsco.de";
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
security.acme.certs.${config.krebs.pages.domain}.email = "spam@krebsco.de"; security.acme.certs."krebsco.de" = {
domain = "krebsco.de";
extraDomainNames = [
"*.krebsco.de"
];
email = "spam@krebsco.de";
reloadServices = [
"knsupdate-krebsco.de.service"
"nginx.service"
];
keyType = "ec384";
dnsProvider = "rfc2136";
credentialsFile = "/var/src/secrets/acme-credentials";
};
users.users.nginx.extraGroups = [ "acme" ];
} }