Add certificate creation and handling to websites

[perso/Immae/Config/Nix.git] / nixops / modules / websites / tools / tools / default.nix

diff --git a/nixops/modules/websites/tools/tools/default.nix b/nixops/modules/websites/tools/tools/default.nix
index 5e84f45a15cd641540114252bfeb97f1e4322333..061c0043637e3caed1dfc34db3da35920878ad8d 100644 (file)
--- a/nixops/modules/websites/tools/tools/default.nix
+++ b/nixops/modules/websites/tools/tools/default.nix
@@ -46,9 +46,6 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
-    security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null;
-    security.acme.certs."eldiron".extraDomains."devtools.immae.eu" = null;
-
     secrets.keys =
       kanboard.keys
       ++ ldap.keys
@@ -86,6 +83,7 @@ in {
 
     services.websites.integration.vhostConfs.devtools = {
       certName    = "eldiron";
+      addToCerts  = true;
       hosts       = ["devtools.immae.eu" ];
       root        = "/var/lib/ftp/devtools.immae.eu";
       extraConfig = [
@@ -105,6 +103,7 @@ in {
 
     services.websites.tools.vhostConfs.tools = {
       certName    = "eldiron";
+      addToCerts  = true;
       hosts       = ["tools.immae.eu" ];
       root        = "/var/lib/ftp/tools.immae.eu";
       extraConfig = [
@@ -132,11 +131,11 @@ in {
       ];
     };
 
-    security.acme.certs."eldiron".extraDomains."outils.immae.eu" = null;
     services.websites.tools.vhostConfs.outils = {
-      certName = "eldiron";
-      hosts    = [ "outils.immae.eu" ];
-      root     = null;
+      certName   = "eldiron";
+      addToCerts = true;
+      hosts      = [ "outils.immae.eu" ];
+      root       = null;
       extraConfig = [
         ''
         RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1