diff --git a/fediversity/default.nix b/fediversity/default.nix index 46ee05d..0fed04f 100644 --- a/fediversity/default.nix +++ b/fediversity/default.nix @@ -100,4 +100,14 @@ in { }; }; }; + + config = { + ## FIXME: This should clearly go somewhere else; and we should have a + ## `staging` vs. `production` setting somewhere. + security.acme = { + acceptTerms = true; + defaults.email = "nicolas.jeannerod+fediversity@moduscreate.com"; + defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory"; + }; + }; } diff --git a/fediversity/pixelfed.nix b/fediversity/pixelfed.nix index da77fea..c9b48a0 100644 --- a/fediversity/pixelfed.nix +++ b/fediversity/pixelfed.nix @@ -50,6 +50,8 @@ lib.mkIf (config.fediversity.enable && config.fediversity.pixelfed.enable) { ## ## TODO: If that indeed makes sense, upstream. nginx = { + forceSSL = true; + enableACME = true; # locations."/public/".proxyPass = "${config.fediversity.internal.garage.web.urlFor "pixelfed"}/public/"; }; };