X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=virtual%2Feldiron.nix;h=2d1c50e4cfd67b1944032cc72de038a0f649bd52;hb=5dd28b43ebe7086d52d17d494091fec36508e380;hp=56c6afd318141de368caf4e371675ae067bb6a7e;hpb=65fe75439ebcb4e9f065ed7586240357dcca59c1;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index 56c6afd..2d1c50e 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -82,12 +82,16 @@
 
     system.activationScripts = {
       connexionswing_dev  = mypkgs.connexionswing_dev.activationScript;
+      httpd = ''
+        install -d -m 0755 /var/lib/acme/acme-challenge
+        install -d -m 0755 /var/www
+        '';
     };
 
     services.httpd = let
       withSSL = domain: {
         enableSSL = true;
-        sslServerCert = "/var/lib/acme/${domain}/full.pem"; # FIXME: cert only?
+        sslServerCert = "/var/lib/acme/${domain}/cert.pem";
         sslServerKey = "/var/lib/acme/${domain}/key.pem";
         sslServerChain = "/var/lib/acme/${domain}/fullchain.pem";
       };
@@ -177,7 +181,6 @@
         ];
     };
 
-    # FIXME: environment variables ?
     security.pam.services = let
       pam_ldap = pkgs.pam_ldap;
       pam_ldap_mysql = assert mylibs.checkEnv "NIXOPS_MYSQL_PAM_PASSWORD";