diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-16 23:23:05 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-17 00:04:47 +0200 |
commit | 7df420c27ebe7daaa4fd099c457ce9a9075b840e (patch) | |
tree | ec41e01e9331652c09dc4f2ed4186ce5952c3882 /nixops/modules/websites/connexionswing | |
parent | 52f45eb051df228955add90ca62de66a7ed8af34 (diff) | |
download | Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.tar.gz Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.tar.zst Nix-7df420c27ebe7daaa4fd099c457ce9a9075b840e.zip |
Add certificate creation and handling to websites
Diffstat (limited to 'nixops/modules/websites/connexionswing')
-rw-r--r-- | nixops/modules/websites/connexionswing/default.nix | 21 |
1 files changed, 6 insertions, 15 deletions
diff --git a/nixops/modules/websites/connexionswing/default.nix b/nixops/modules/websites/connexionswing/default.nix index 3643e19..20c5166 100644 --- a/nixops/modules/websites/connexionswing/default.nix +++ b/nixops/modules/websites/connexionswing/default.nix | |||
@@ -25,15 +25,6 @@ in { | |||
25 | secrets.keys = connexionswing_prod.keys; | 25 | secrets.keys = connexionswing_prod.keys; |
26 | services.webstats.sites = [ { name = "connexionswing.com"; } ]; | 26 | services.webstats.sites = [ { name = "connexionswing.com"; } ]; |
27 | 27 | ||
28 | security.acme.certs."connexionswing" = config.services.myCertificates.certConfig // { | ||
29 | domain = "connexionswing.com"; | ||
30 | extraDomains = { | ||
31 | "www.connexionswing.com" = null; | ||
32 | "sandetludo.com" = null; | ||
33 | "www.sandetludo.com" = null; | ||
34 | }; | ||
35 | }; | ||
36 | |||
37 | services.myPhpfpm.preStart.connexionswing_prod = connexionswing_prod.phpFpm.preStart; | 28 | services.myPhpfpm.preStart.connexionswing_prod = connexionswing_prod.phpFpm.preStart; |
38 | services.myPhpfpm.serviceDependencies.connexionswing_prod = connexionswing_prod.phpFpm.serviceDeps; | 29 | services.myPhpfpm.serviceDependencies.connexionswing_prod = connexionswing_prod.phpFpm.serviceDeps; |
39 | services.myPhpfpm.poolConfigs.connexionswing_prod = connexionswing_prod.phpFpm.pool; | 30 | services.myPhpfpm.poolConfigs.connexionswing_prod = connexionswing_prod.phpFpm.pool; |
@@ -45,16 +36,15 @@ in { | |||
45 | ''; | 36 | ''; |
46 | services.websites.production.modules = connexionswing_prod.apache.modules; | 37 | services.websites.production.modules = connexionswing_prod.apache.modules; |
47 | services.websites.production.vhostConfs.connexionswing = { | 38 | services.websites.production.vhostConfs.connexionswing = { |
48 | certName = "connexionswing"; | 39 | certName = "connexionswing"; |
49 | hosts = ["connexionswing.com" "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ]; | 40 | certMainHost = "connexionswing.com"; |
50 | root = connexionswing_prod.apache.root; | 41 | hosts = ["connexionswing.com" "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ]; |
51 | extraConfig = [ connexionswing_prod.apache.vhostConf ]; | 42 | root = connexionswing_prod.apache.root; |
43 | extraConfig = [ connexionswing_prod.apache.vhostConf ]; | ||
52 | }; | 44 | }; |
53 | }) | 45 | }) |
54 | (lib.mkIf cfg.integration.enable { | 46 | (lib.mkIf cfg.integration.enable { |
55 | secrets.keys = connexionswing_dev.keys; | 47 | secrets.keys = connexionswing_dev.keys; |
56 | security.acme.certs."eldiron".extraDomains."sandetludo.immae.eu" = null; | ||
57 | security.acme.certs."eldiron".extraDomains."connexionswing.immae.eu" = null; | ||
58 | services.myPhpfpm.preStart.connexionswing_dev = connexionswing_dev.phpFpm.preStart; | 48 | services.myPhpfpm.preStart.connexionswing_dev = connexionswing_dev.phpFpm.preStart; |
59 | services.myPhpfpm.serviceDependencies.connexionswing_dev = connexionswing_dev.phpFpm.serviceDeps; | 49 | services.myPhpfpm.serviceDependencies.connexionswing_dev = connexionswing_dev.phpFpm.serviceDeps; |
60 | services.myPhpfpm.poolConfigs.connexionswing_dev = connexionswing_dev.phpFpm.pool; | 50 | services.myPhpfpm.poolConfigs.connexionswing_dev = connexionswing_dev.phpFpm.pool; |
@@ -67,6 +57,7 @@ in { | |||
67 | services.websites.integration.modules = connexionswing_dev.apache.modules; | 57 | services.websites.integration.modules = connexionswing_dev.apache.modules; |
68 | services.websites.integration.vhostConfs.connexionswing = { | 58 | services.websites.integration.vhostConfs.connexionswing = { |
69 | certName = "eldiron"; | 59 | certName = "eldiron"; |
60 | addToCerts = true; | ||
70 | hosts = ["connexionswing.immae.eu" "sandetludo.immae.eu" ]; | 61 | hosts = ["connexionswing.immae.eu" "sandetludo.immae.eu" ]; |
71 | root = connexionswing_dev.apache.root; | 62 | root = connexionswing_dev.apache.root; |
72 | extraConfig = [ connexionswing_dev.apache.vhostConf ]; | 63 | extraConfig = [ connexionswing_dev.apache.vhostConf ]; |