diff options
| author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-16 23:23:05 +0200 |
|---|---|---|
| committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-17 00:04:47 +0200 |
| commit | 7df420c27ebe7daaa4fd099c457ce9a9075b840e (patch) | |
| tree | ec41e01e9331652c09dc4f2ed4186ce5952c3882 /nixops/modules/websites/aten | |
| parent | 52f45eb051df228955add90ca62de66a7ed8af34 (diff) | |
| download | Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.tar.gz Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.tar.zst Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.zip | |
Add certificate creation and handling to websites
Diffstat (limited to 'nixops/modules/websites/aten')
| -rw-r--r-- | nixops/modules/websites/aten/default.nix | 18 |
1 files changed, 6 insertions, 12 deletions
diff --git a/nixops/modules/websites/aten/default.nix b/nixops/modules/websites/aten/default.nix index fd002a5..a9e75b6 100644 --- a/nixops/modules/websites/aten/default.nix +++ b/nixops/modules/websites/aten/default.nix | |||
| @@ -25,13 +25,6 @@ in { | |||
| 25 | secrets.keys = aten_prod.keys; | 25 | secrets.keys = aten_prod.keys; |
| 26 | services.webstats.sites = [ { name = "aten.pro"; } ]; | 26 | services.webstats.sites = [ { name = "aten.pro"; } ]; |
| 27 | 27 | ||
| 28 | security.acme.certs."aten" = config.services.myCertificates.certConfig // { | ||
| 29 | domain = "aten.pro"; | ||
| 30 | extraDomains = { | ||
| 31 | "www.aten.pro" = null; | ||
| 32 | }; | ||
| 33 | }; | ||
| 34 | |||
| 35 | services.myPhpfpm.preStart.aten_prod = aten_prod.phpFpm.preStart; | 28 | services.myPhpfpm.preStart.aten_prod = aten_prod.phpFpm.preStart; |
| 36 | services.myPhpfpm.serviceDependencies.aten_prod = aten_prod.phpFpm.serviceDeps; | 29 | services.myPhpfpm.serviceDependencies.aten_prod = aten_prod.phpFpm.serviceDeps; |
| 37 | services.myPhpfpm.poolConfigs.aten_prod = aten_prod.phpFpm.pool; | 30 | services.myPhpfpm.poolConfigs.aten_prod = aten_prod.phpFpm.pool; |
| @@ -42,15 +35,15 @@ in { | |||
| 42 | ''; | 35 | ''; |
| 43 | services.websites.production.modules = aten_prod.apache.modules; | 36 | services.websites.production.modules = aten_prod.apache.modules; |
| 44 | services.websites.production.vhostConfs.aten = { | 37 | services.websites.production.vhostConfs.aten = { |
| 45 | certName = "aten"; | 38 | certName = "aten"; |
| 46 | hosts = [ "aten.pro" "www.aten.pro" ]; | 39 | certMainHost = "aten.pro"; |
| 47 | root = aten_prod.apache.root; | 40 | hosts = [ "aten.pro" "www.aten.pro" ]; |
| 48 | extraConfig = [ aten_prod.apache.vhostConf ]; | 41 | root = aten_prod.apache.root; |
| 42 | extraConfig = [ aten_prod.apache.vhostConf ]; | ||
| 49 | }; | 43 | }; |
| 50 | }) | 44 | }) |
| 51 | (lib.mkIf cfg.integration.enable { | 45 | (lib.mkIf cfg.integration.enable { |
| 52 | secrets.keys = aten_dev.keys; | 46 | secrets.keys = aten_dev.keys; |
| 53 | security.acme.certs."eldiron".extraDomains."dev.aten.pro" = null; | ||
| 54 | services.myPhpfpm.preStart.aten_dev = aten_dev.phpFpm.preStart; | 47 | services.myPhpfpm.preStart.aten_dev = aten_dev.phpFpm.preStart; |
| 55 | services.myPhpfpm.serviceDependencies.aten_dev = aten_dev.phpFpm.serviceDeps; | 48 | services.myPhpfpm.serviceDependencies.aten_dev = aten_dev.phpFpm.serviceDeps; |
| 56 | services.myPhpfpm.poolConfigs.aten_dev = aten_dev.phpFpm.pool; | 49 | services.myPhpfpm.poolConfigs.aten_dev = aten_dev.phpFpm.pool; |
| @@ -62,6 +55,7 @@ in { | |||
| 62 | services.websites.integration.modules = aten_dev.apache.modules; | 55 | services.websites.integration.modules = aten_dev.apache.modules; |
| 63 | services.websites.integration.vhostConfs.aten = { | 56 | services.websites.integration.vhostConfs.aten = { |
| 64 | certName = "eldiron"; | 57 | certName = "eldiron"; |
| 58 | addToCerts = true; | ||
| 65 | hosts = [ "dev.aten.pro" ]; | 59 | hosts = [ "dev.aten.pro" ]; |
| 66 | root = aten_dev.apache.root; | 60 | root = aten_dev.apache.root; |
| 67 | extraConfig = [ aten_dev.apache.vhostConf ]; | 61 | extraConfig = [ aten_dev.apache.vhostConf ]; |