From e8c4f7c0e40a1612731ad9f68ef7f5bb1ec7ce1c Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 7 May 2018 19:57:44 +0200
Subject: l websites utils: forceSSL

---
 lass/2configs/websites/util.nix | 16 +++-------------
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix
index 61b5543ce..a11e8e692 100644
--- a/lass/2configs/websites/util.nix
+++ b/lass/2configs/websites/util.nix
@@ -16,11 +16,7 @@ rec {
     in {
       services.nginx.virtualHosts.${domain} = {
         enableACME = true;
-        onlySSL = true;
-        extraConfig = ''
-          listen 80;
-          listen [::]:80;
-        '';
+        forceSSL = true;
         serverAliases = domains;
         locations."/".extraConfig = ''
           root /srv/http/${domain};
@@ -87,12 +83,9 @@ rec {
     in {
       services.nginx.virtualHosts."${domain}" = {
         enableACME = true;
-        onlySSL = true;
+        forceSSL = true;
         serverAliases = domains;
         extraConfig = ''
-          listen 80;
-          listen [::]:80;
-
           # Add headers to serve security related headers
           add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
           add_header X-Content-Type-Options nosniff;
@@ -201,12 +194,9 @@ rec {
     in {
       services.nginx.virtualHosts."${domain}" = {
         enableACME = true;
-        onlySSL = true;
+        forceSSL = true;
         serverAliases = domains;
         extraConfig = ''
-          listen 80;
-          listen [::]:80;
-
           root /srv/http/${domain}/;
           index index.php;
           access_log /tmp/nginx_acc.log;
-- 
cgit v1.2.3