l 2 websites util: disable deprecated ssl stuff

1 files changed, 21 insertions, 20 deletions

diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix
index 55be8a8d9..3356fe9a8 100644
--- a/lass/2configs/websites/util.nix
+++ b/lass/2configs/websites/util.nix
@@ -8,28 +8,29 @@ rec {
     let
       domain = head domains;
     in {
-      security.acme = {
-        certs."${domain}" = {
-          email = "lassulus@gmail.com";
-          webroot = "/var/lib/acme/challenges/${domain}";
-          plugins = [
-            "account_key.json"
-            "key.pem"
-            "fullchain.pem"
-          ];
-          group = "nginx";
-          allowKeysForGroup = true;
-          extraDomains = genAttrs domains (_: null);
-        };
-      };
+      #security.acme = {
+      #  certs."${domain}" = {
+      #    email = "lassulus@gmail.com";
+      #    webroot = "/var/lib/acme/challenges/${domain}";
+      #    plugins = [
+      #      "account_key.json"
+      #      "key.pem"
+      #      "fullchain.pem"
+      #    ];
+      #    group = "nginx";
+      #    allowKeysForGroup = true;
+      #    extraDomains = genAttrs domains (_: null);
+      #  };
+      #};
 
       krebs.nginx.servers."${domain}" = {
+        ssl.acmeEnable = true;
         server-names = domains;
-        locations = [
-          (nameValuePair "/.well-known/acme-challenge" ''
-            root /var/lib/acme/challenges/${domain}/;
-          '')
-        ];
+        #locations = [
+        #  (nameValuePair "/.well-known/acme-challenge" ''
+        #    root /var/lib/acme/challenges/${domain}/;
+        #  '')
+        #];
       };
     };
 
@@ -37,7 +38,7 @@ rec {
     {
       imports = [
         ( manageCerts domains )
-        ( activateACME (head domains) )
+        #( activateACME (head domains) )
       ];
     };