Add certificate creation and handling to websites

[perso/Immae/Config/Nix.git] / nixops / modules / websites / ftp / leila.nix

diff --git a/nixops/modules/websites/ftp/leila.nix b/nixops/modules/websites/ftp/leila.nix
index 518537214430d911c0e032dd994086e663f21c0e..14bfa20941c797bb887631779e3343007619f0ee 100644 (file)
--- a/nixops/modules/websites/ftp/leila.nix
+++ b/nixops/modules/websites/ftp/leila.nix
@@ -10,15 +10,6 @@ in {
   };
 
   config = (lib.mkIf cfg.production.enable {
-      security.acme.certs."leila" = config.services.myCertificates.certConfig // {
-        domain = "leila.bouya.org";
-        extraDomains = {
-          "chorale.leila.bouya.org" = null;
-          "chorale-vocanta.fr.nf" = null;
-          "www.chorale-vocanta.fr.nf" = null;
-        };
-      };
-
       services.myPhpfpm.poolConfigs.leila = ''
         listen = /run/phpfpm/leila.sock
         user = wwwrun
@@ -41,6 +32,7 @@ in {
       services.websites.production.modules = [ "proxy_fcgi" ];
       services.websites.production.vhostConfs.leila_chorale = {
         certName    = "leila";
+        addToCerts  = true;
         hosts       = [ "chorale.leila.bouya.org" "chorale-vocanta.fr.nf" "www.chorale-vocanta.fr.nf" ];
         root        = "${varDir}/Chorale";
         extraConfig = [
@@ -62,10 +54,11 @@ in {
         ];
       };
       services.websites.production.vhostConfs.leila = {
-        certName    = "leila";
-        hosts       = [ "leila.bouya.org" ];
-        root        = varDir;
-        extraConfig = [
+        certName     = "leila";
+        certMainHost = "leila.bouya.org";
+        hosts        = [ "leila.bouya.org" ];
+        root         = varDir;
+        extraConfig  = [
           ''
           Use Stats leila.bouya.org
           <Directory ${varDir}/Chorale>