summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/1systems/ponte/config.nix19
1 files changed, 17 insertions, 2 deletions
diff --git a/krebs/1systems/ponte/config.nix b/krebs/1systems/ponte/config.nix
index 0b9b1c563..8bb14d517 100644
--- a/krebs/1systems/ponte/config.nix
+++ b/krebs/1systems/ponte/config.nix
@@ -31,8 +31,23 @@
krebs.pages.enable = true;
krebs.pages.nginx.addSSL = true;
- krebs.pages.nginx.enableACME = true;
+ krebs.pages.nginx.useACMEHost = "krebsco.de";
security.acme.acceptTerms = true;
- security.acme.certs.${config.krebs.pages.domain}.email = "spam@krebsco.de";
+ security.acme.certs."krebsco.de" = {
+ domain = "krebsco.de";
+ extraDomainNames = [
+ "*.krebsco.de"
+ ];
+ email = "spam@krebsco.de";
+ reloadServices = [
+ "knsupdate-krebsco.de.service"
+ "nginx.service"
+ ];
+ keyType = "ec384";
+ dnsProvider = "rfc2136";
+ credentialsFile = "/var/src/secrets/acme-credentials";
+ };
+
+ users.users.nginx.extraGroups = [ "acme" ];
}