forked from Fediversity/simple-nixos-fediverse
acme fixup
This commit is contained in:
parent
3e4b486921
commit
2116ac6b27
|
@ -172,10 +172,12 @@ in
|
||||||
s3_api.root_domain = ".${fedicfg.api.domain}";
|
s3_api.root_domain = ".${fedicfg.api.domain}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts."garagePortProxy" = {
|
services.nginx.virtualHosts."garagePortProxy" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
useACME = true;
|
||||||
serverName = "*.${fedicfg.web.rootDomain}";
|
serverName = fedicfg.web.rootDomain;
|
||||||
|
serverAliases = lib.mapAttrsToList (bucket: _: "${bucket}.${fedicfg.web.rootDomain}") cfg.ensureBuckets; ## TODO: use wildcard certificates?
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
proxyPass = "http://localhost:3902";
|
proxyPass = "http://localhost:3902";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
|
@ -183,6 +185,7 @@ in
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.ensure-garage = {
|
systemd.services.ensure-garage = {
|
||||||
after = [ "garage.service" ];
|
after = [ "garage.service" ];
|
||||||
wantedBy = [ "garage.service" ];
|
wantedBy = [ "garage.service" ];
|
||||||
|
|
Reference in a new issue