felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-02-04 09:10:01 +01:00
Code Issues Projects Releases Wiki Activity

modules/grzegorz: override base certificate config

Browse Source
This commit is contained in:
h7x4
2026-01-22 15:10:42 +09:00
parent d5199779a6
commit 5714efc668
2 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
base/services/nginx.nix
View File

@@ -67,10 +67,10 @@
}; };
${config.networking.fqdn} = { ${config.networking.fqdn} = {
sslCertificate = "/etc/certs/nginx.crt"; sslCertificate = lib.mkDefault "/etc/certs/nginx.crt";
sslCertificateKey = "/etc/certs/nginx.key"; sslCertificateKey = lib.mkDefault "/etc/certs/nginx.key";
addSSL = true; addSSL = lib.mkDefault true;
extraConfig = "return 444;"; extraConfig = lib.mkDefault "return 444;";
}; };
}; };
} }

4
modules/grzegorz.nix
View File

@@ -37,9 +37,13 @@ in {
services.nginx.enable = true; services.nginx.enable = true;
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
${config.networking.fqdn} = { ${config.networking.fqdn} = {
# NOTE: this overrides the default config in base/services/nginx.nix
addSSL = false;
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
kTLS = true; kTLS = true;
serverAliases = [ serverAliases = [
"${machine}.pvv.org" "${machine}.pvv.org"
]; ];