upstreams."netdata".extraConfig = ''
keepalive 64;
'';
- virtualHosts."status.eban.bzh" = {
- acmeRoot = config.myServices.certificates.webroot;
- useACMEHost = name;
- forceSSL = true;
- locations."/".proxyPass = "http://unix:/run/naemon-status/socket.sock:/";
- };
virtualHosts."status.immae.eu" = {
- acmeRoot = config.myServices.certificates.webroot;
+ acmeRoot = config.security.acme.defaults.webroot;
useACMEHost = name;
forceSSL = true;
locations."/".proxyPass = "http://unix:/run/naemon-status/socket.sock:/";
};
};
security.acme.certs."${name}" = {
- extraDomains."status.immae.eu" = null;
- extraDomains."status.eban.bzh" = null;
- user = config.services.nginx.user;
+ extraDomainNames = [ "status.immae.eu" ];
group = config.services.nginx.group;
};
- myServices.certificates.enable = true;
networking.firewall.allowedTCPPorts = [ 80 443 ];
systemd.services.naemon-status = {
description = "Naemon status";