enableSSL = true;
sslServerCert = "/var/lib/acme/${vhostConf.certName}/cert.pem";
sslServerKey = "/var/lib/acme/${vhostConf.certName}/key.pem";
- sslServerChain = "/var/lib/acme/${vhostConf.certName}/fullchain.pem";
+ sslServerChain = "/var/lib/acme/${vhostConf.certName}/chain.pem";
logFormat = "combinedVhost";
listen = map (ip: { inherit ip; port = 443; }) cfg.ips;
hostName = builtins.head vhostConf.hosts;
deployment.keys.apache-ldap = {
user = "wwwrun";
group = "wwwrun";
- permissions = "0700";
+ permissions = "0400";
text = ''
<Macro LDAPConnect>
<IfModule authnz_ldap_module>