diff options
author | lassulus <lass@aidsballs.de> | 2016-10-19 14:58:46 +0200 |
---|---|---|
committer | lassulus <lass@aidsballs.de> | 2016-10-19 14:58:46 +0200 |
commit | e3cce01913c6a22946cc01438079bc3410ded9b2 (patch) | |
tree | a740d2d66305b111be5b879a84bce6582ecd55cf /lass/1systems | |
parent | 7aa9fb7eff3a4356097b46bf531969027a0935a0 (diff) |
l: add lassulus-blog config, repair ssl for cgit
Diffstat (limited to 'lass/1systems')
-rw-r--r-- | lass/1systems/prism.nix | 49 |
1 files changed, 1 insertions, 48 deletions
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 51d106b5e..9fa210d08 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -25,26 +25,6 @@ in { ../2configs/binary-cache/server.nix ../2configs/iodined.nix { - imports = [ - ../2configs/git.nix - ]; - krebs.nginx.servers.cgit = { - server-names = [ - "cgit.lassul.us" - ]; - locations = [ - (nameValuePair "/.well-known/acme-challenge" '' - root /var/lib/acme/challenges/cgit.lassul.us/; - '') - ]; - ssl = { - enable = true; - certificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; - certificate_key = "/var/lib/acme/cgit.lassul.us/key.pem"; - }; - }; - } - { users.extraGroups = { # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories # Loaded: loaded (/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/example/systemd/system/systemd-tmpfiles-setup.service) @@ -174,6 +154,7 @@ in { imports = [ ../2configs/websites/wohnprojekt-rhh.de.nix ../2configs/websites/domsen.nix + ../2configs/websites/lassulus.nix ]; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport http"; target = "ACCEPT"; } @@ -186,34 +167,6 @@ in { }; } { - security.acme = { - certs."lassul.us" = { - email = "lass@lassul.us"; - webroot = "/var/lib/acme/challenges/lassul.us"; - plugins = [ - "account_key.json" - "key.pem" - "fullchain.pem" - "full.pem" - ]; - allowKeysForGroup = true; - group = "lasscert"; - }; - }; - users.groups.lasscert.members = [ - "dovecot2" - "ejabberd" - "exim" - "nginx" - ]; - krebs.nginx.servers."lassul.us" = { - server-names = [ "lassul.us" ]; - locations = [ - (lib.nameValuePair "/.well-known/acme-challenge" '' - root /var/lib/acme/challenges/lassul.us/; - '') - ]; - }; lass.ejabberd = { enable = true; hosts = [ "lassul.us" ]; |