From fba330ab36ed3f0c5f5b01a1c434ed9e8281846a Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 9 Dec 2021 14:30:25 +0100 Subject: wiki.r: add acme ssl config --- krebs/2configs/wiki.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'krebs/2configs') diff --git a/krebs/2configs/wiki.nix b/krebs/2configs/wiki.nix index 9952ed394..e7faca1f4 100644 --- a/krebs/2configs/wiki.nix +++ b/krebs/2configs/wiki.nix @@ -38,11 +38,13 @@ in systemd.services.gollum.environment.LC_ALL = "en_US.UTF-8"; - networking.firewall.allowedTCPPorts = [ 80 ]; + networking.firewall.allowedTCPPorts = [ 80 443 ]; + security.acme.certs."wiki.r".server = config.krebs.ssl.acmeURL; services.nginx = { enable = true; - virtualHosts.wiki = { - serverAliases = [ "wiki.r" "wiki.${config.networking.hostName}.r" ]; + virtualHosts."wiki.r" = { + enableACME = true; + addSSL = true; locations."/".extraConfig = '' proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; -- cgit v1.2.3