diff options
author | lassulus <lassulus@lassul.us> | 2018-05-07 19:57:44 +0200 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2018-05-07 20:33:23 +0200 |
commit | e8c4f7c0e40a1612731ad9f68ef7f5bb1ec7ce1c (patch) | |
tree | 42958cff1708d6bf90bcf9b2875213982447b999 | |
parent | c0f7f7bab5447ebf95f4873f7ff9679938ff6d27 (diff) |
l websites utils: forceSSL
-rw-r--r-- | lass/2configs/websites/util.nix | 16 |
1 files changed, 3 insertions, 13 deletions
diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix index 61b5543ce..a11e8e692 100644 --- a/lass/2configs/websites/util.nix +++ b/lass/2configs/websites/util.nix @@ -16,11 +16,7 @@ rec { in { services.nginx.virtualHosts.${domain} = { enableACME = true; - onlySSL = true; - extraConfig = '' - listen 80; - listen [::]:80; - ''; + forceSSL = true; serverAliases = domains; locations."/".extraConfig = '' root /srv/http/${domain}; @@ -87,12 +83,9 @@ rec { in { services.nginx.virtualHosts."${domain}" = { enableACME = true; - onlySSL = true; + forceSSL = true; serverAliases = domains; extraConfig = '' - listen 80; - listen [::]:80; - # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; @@ -201,12 +194,9 @@ rec { in { services.nginx.virtualHosts."${domain}" = { enableACME = true; - onlySSL = true; + forceSSL = true; serverAliases = domains; extraConfig = '' - listen 80; - listen [::]:80; - root /srv/http/${domain}/; index index.php; access_log /tmp/nginx_acc.log; |