Squash changes containing private information

[perso/Immae/Config/Nix.git] / systems / monitoring-1 / status.nix

diff --git a/modules/private/monitoring/status.nix b/systems/monitoring-1/status.nix
similarity index 84%
rename from modules/private/monitoring/status.nix
rename to systems/monitoring-1/status.nix
index ab0290c3909fc2eed700287906b5c6decbd4e6e3..8b6615fd877e68549c784885c739d8cfa5ee46f7 100644 (file)
--- a/modules/private/monitoring/status.nix
+++ b/systems/monitoring-1/status.nix
@@ -29,14 +29,8 @@
       upstreams."netdata".extraConfig = ''
         keepalive 64;
         '';
-      virtualHosts."status.eban.bzh" = {
-        acmeRoot = config.myServices.certificates.webroot;
-        useACMEHost = name;
-        forceSSL = true;
-        locations."/".proxyPass = "http://unix:/run/naemon-status/socket.sock:/";
-      };
       virtualHosts."status.immae.eu" = {
-        acmeRoot = config.myServices.certificates.webroot;
+        acmeRoot = config.security.acme.defaults.webroot;
         useACMEHost = name;
         forceSSL = true;
         locations."/".proxyPass = "http://unix:/run/naemon-status/socket.sock:/";
@@ -62,13 +56,10 @@
       };
     };
     security.acme.certs."${name}" = {
-      extraDomains."status.immae.eu" = null;
-      extraDomains."status.eban.bzh" = null;
-      user = config.services.nginx.user;
+      extraDomainNames = [ "status.immae.eu" ];
       group = config.services.nginx.group;
     };
 
-    myServices.certificates.enable = true;
     networking.firewall.allowedTCPPorts = [ 80 443 ];
     systemd.services.naemon-status = {
       description = "Naemon status";