l websites lassul.us: use enableACME

2017-09-18 00:04:06 +02:00 · 2017-09-18 00:04:06 +02:00 · c40c6ead1e
commit c40c6ead1e
parent de16ae2a12
1 changed files with 1 additions and 11 deletions
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@ -14,14 +14,6 @@ in {

  security.acme = {
    certs."lassul.us" = {
-      email = "lass@lassul.us";
-      webroot = "/var/lib/acme/acme-challenges";
-      plugins = [
-        "account_key.json"
-        "key.pem"
-        "fullchain.pem"
-        "full.pem"
-      ];
      allowKeysForGroup = true;
      group = "lasscert";
    };
@ -71,13 +63,11 @@ in {
  ];

  services.nginx.virtualHosts."lassul.us" = {
+    enableACME = true;
    serverAliases = [ "lassul.us" ];
    locations."/".extraConfig = ''
      root /srv/http/lassul.us;
    '';
-    locations."/.well-known/acme-challenge".extraConfig = ''
-      root /var/lib/acme/challenges/lassul.us/;
-    '';
    locations."= /retiolum-hosts.tar.bz2".extraConfig = ''
      alias ${config.krebs.tinc.retiolum.hostsArchive};
    '';