+ myServices.certificates.enable = true;
+ security.acme.certs."${name}" = {
+ user = config.services.nginx.user;
+ group = config.services.nginx.group;
+ extraDomains = {
+ "discourse.immae.eu" = null;
+ "discourse.cip-ca.fr" = null;
+ "dev.immae.eu" = null;
+ "caldance.immae.eu" = null;
+ };
+ };
+ services.nginx = {
+ enable = true;
+ recommendedOptimisation = true;
+ recommendedGzipSettings = true;
+ recommendedProxySettings = true;
+ upstreams = {
+ caldance.servers."nixops-99a7e1ba-54dc-11ea-a965-10bf487fe63b-caldance:3031" = {};
+ };
+ virtualHosts = {
+ "dev.immae.eu" = {
+ acmeRoot = config.myServices.certificates.webroot;
+ useACMEHost = name;
+ forceSSL = true;
+ root = "/home/immae/www";
+ };
+ "discourse.immae.eu" = {
+ acmeRoot = config.myServices.certificates.webroot;
+ useACMEHost = name;
+ forceSSL = true;
+ locations."/".proxyPass = "http://localhost:18031";
+ };
+ "discourse.cip-ca.fr" = {
+ acmeRoot = config.myServices.certificates.webroot;
+ useACMEHost = name;
+ forceSSL = true;
+ locations."/".proxyPass = "http://localhost:18031";
+ };
+ "caldance.immae.eu" = {
+ acmeRoot = config.myServices.certificates.webroot;
+ useACMEHost = name;
+ forceSSL = true;
+ locations."/".extraConfig = ''
+ uwsgi_pass caldance;
+ '';
+ locations."/static/".alias = "/var/lib/caldance/caldance/app/www/static/";
+ locations."/media/".alias = "/var/lib/caldance/caldance/media/";
+ extraConfig = ''
+ auth_basic "Authentification requise";
+ auth_basic_user_file ${pkgs.writeText "htpasswd" config.myEnv.websites.caldance.integration.password};
+ '';
+ };
+ };
+ };
+