Add certificate creation and handling to websites

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-16 23:23:05 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-17 00:04:47 +0200
commit: 7df420c27ebe7daaa4fd099c457ce9a9075b840e (patch)
tree: ec41e01e9331652c09dc4f2ed4186ce5952c3882 /nixops/modules/websites/chloe/default.nix
parent: 52f45eb051df228955add90ca62de66a7ed8af34 (diff)
download: Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.tar.gz
Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.tar.zst
Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.zip
1 files changed, 6 insertions, 12 deletions
diff --git a/nixops/modules/websites/chloe/default.nix b/nixops/modules/websites/chloe/default.nix
index ba72d92..8e801b5 100644
--- a/nixops/modules/websites/chloe/default.nix
+++ b/nixops/modules/websites/chloe/default.nix
@@ -25,13 +25,6 @@ in {
      secrets.keys = chloe_prod.keys;
      services.webstats.sites = [ { name = "osteopathe-cc.fr"; } ];
-      security.acme.certs."chloe" = config.services.myCertificates.certConfig // {
-        domain = "osteopathe-cc.fr";
-        extraDomains = {
-          "www.osteopathe-cc.fr" = null;
-        };
-      };
      services.myPhpfpm.serviceDependencies.chloe_prod = chloe_prod.phpFpm.serviceDeps;
      services.myPhpfpm.poolConfigs.chloe_prod = chloe_prod.phpFpm.pool;
      services.myPhpfpm.poolPhpConfigs.chloe_prod = ''
@@ -44,15 +37,15 @@ in {
        '';
      services.websites.production.modules = chloe_prod.apache.modules;
      services.websites.production.vhostConfs.chloe = {
-        certName    = "chloe";
+        certName     = "chloe";
-        hosts       = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ];
+        certMainHost = "osteopathe-cc.fr";
-        root        = chloe_prod.apache.root;
+        hosts        = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ];
-        extraConfig = [ chloe_prod.apache.vhostConf ];
+        root         = chloe_prod.apache.root;
+        extraConfig  = [ chloe_prod.apache.vhostConf ];
      };
    })
    (lib.mkIf cfg.integration.enable {
      secrets.keys = chloe_dev.keys;
-      security.acme.certs."eldiron".extraDomains."chloe.immae.eu" = null;
      services.myPhpfpm.serviceDependencies.chloe_dev = chloe_dev.phpFpm.serviceDeps;
      services.myPhpfpm.poolConfigs.chloe_dev = chloe_dev.phpFpm.pool;
      services.myPhpfpm.poolPhpConfigs.chloe_dev = ''
@@ -66,6 +59,7 @@ in {
      services.websites.integration.modules = chloe_dev.apache.modules;
      services.websites.integration.vhostConfs.chloe = {
        certName    = "eldiron";
+        addToCerts  = true;
        hosts       = ["chloe.immae.eu" ];
        root        = chloe_dev.apache.root;
        extraConfig = [ chloe_dev.apache.vhostConf ];
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-16 23:23:05 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-17 00:04:47 +0200
commit	7df420c27ebe7daaa4fd099c457ce9a9075b840e (patch)
tree	ec41e01e9331652c09dc4f2ed4186ce5952c3882 /nixops/modules/websites/chloe/default.nix
parent	52f45eb051df228955add90ca62de66a7ed8af34 (diff)
download	Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.tar.gz Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.tar.zst Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.zip