Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

l 2 websites util: disable deprecated ssl stuff

Browse Source
This commit is contained in:
lassulus 2016-11-25 00:00:50 +01:00
parent e5270a2405
commit ab684bf6d8
1 changed files with 21 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
lass/2configs/websites/util.nix
View File

@ -8,28 +8,29 @@ rec {
let let
domain = head domains; domain = head domains;
in { in {
security.acme = { #security.acme = {
certs."${domain}" = { # certs."${domain}" = {
email = "lassulus@gmail.com"; # email = "lassulus@gmail.com";
webroot = "/var/lib/acme/challenges/${domain}"; # webroot = "/var/lib/acme/challenges/${domain}";
plugins = [ # plugins = [
"account_key.json" # "account_key.json"
"key.pem" # "key.pem"
"fullchain.pem" # "fullchain.pem"
]; # ];
group = "nginx"; # group = "nginx";
allowKeysForGroup = true; # allowKeysForGroup = true;
extraDomains = genAttrs domains (_: null); # extraDomains = genAttrs domains (_: null);
}; # };
}; #};
krebs.nginx.servers."${domain}" = { krebs.nginx.servers."${domain}" = {
ssl.acmeEnable = true;
server-names = domains; server-names = domains;
locations = [ #locations = [
(nameValuePair "/.well-known/acme-challenge" '' # (nameValuePair "/.well-known/acme-challenge" ''
root /var/lib/acme/challenges/${domain}/; # root /var/lib/acme/challenges/${domain}/;
'') # '')
]; #];
}; };
}; };
@ -37,7 +38,7 @@ rec {
{ {
imports = [ imports = [
( manageCerts domains ) ( manageCerts domains )
( activateACME (head domains) ) #( activateACME (head domains) )
]; ];
}; };