summaryrefslogtreecommitdiffstats
path: root/makefu/2configs
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2022-08-29 21:12:21 +0200
committermakefu <github@syntax-fehler.de>2022-08-29 21:12:21 +0200
commit12cbc5ed1e022e24a77f959268a63c61ae7086cb (patch)
treece6ad84e08d84790eca128446b1cc257bf11cb7e /makefu/2configs
parenta10998a86025f052d73250175e2c122d2bd442a4 (diff)
ma bgt: enable acme with cloudflare
Diffstat (limited to 'makefu/2configs')
-rw-r--r--makefu/2configs/bgt/download.binaergewitter.de.nix7
1 files changed, 7 insertions, 0 deletions
diff --git a/makefu/2configs/bgt/download.binaergewitter.de.nix b/makefu/2configs/bgt/download.binaergewitter.de.nix
index 1cf21f213..85379e77b 100644
--- a/makefu/2configs/bgt/download.binaergewitter.de.nix
+++ b/makefu/2configs/bgt/download.binaergewitter.de.nix
@@ -59,6 +59,11 @@ in {
systemd.services.nginx.serviceConfig.ReadWritePaths = [
"/var/spool/nginx/logs/"
];
+ security.acme.certs."download.binaergewitter.de" = {
+ dnsProvider = "cloudflare";
+ credentialsFile = toString <secrets/lego-binaergewitter>;
+ webroot = lib.mkForce null;
+ };
services.nginx = {
appendHttpConfig = ''
@@ -70,6 +75,8 @@ in {
recommendedGzipSettings = true;
recommendedOptimisation = true;
virtualHosts."download.binaergewitter.de" = {
+ enableSSL = true;
+ enableACME = true;
serverAliases = [ "dl2.binaergewitter.de" ];
root = "/var/www/binaergewitter";
extraConfig = ''