aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--virtual/eldiron.nix7
1 files changed, 5 insertions, 2 deletions
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index 56c6afd..2d1c50e 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -82,12 +82,16 @@
82 82
83 system.activationScripts = { 83 system.activationScripts = {
84 connexionswing_dev = mypkgs.connexionswing_dev.activationScript; 84 connexionswing_dev = mypkgs.connexionswing_dev.activationScript;
85 httpd = ''
86 install -d -m 0755 /var/lib/acme/acme-challenge
87 install -d -m 0755 /var/www
88 '';
85 }; 89 };
86 90
87 services.httpd = let 91 services.httpd = let
88 withSSL = domain: { 92 withSSL = domain: {
89 enableSSL = true; 93 enableSSL = true;
90 sslServerCert = "/var/lib/acme/${domain}/full.pem"; # FIXME: cert only? 94 sslServerCert = "/var/lib/acme/${domain}/cert.pem";
91 sslServerKey = "/var/lib/acme/${domain}/key.pem"; 95 sslServerKey = "/var/lib/acme/${domain}/key.pem";
92 sslServerChain = "/var/lib/acme/${domain}/fullchain.pem"; 96 sslServerChain = "/var/lib/acme/${domain}/fullchain.pem";
93 }; 97 };
@@ -177,7 +181,6 @@
177 ]; 181 ];
178 }; 182 };
179 183
180 # FIXME: environment variables ?
181 security.pam.services = let 184 security.pam.services = let
182 pam_ldap = pkgs.pam_ldap; 185 pam_ldap = pkgs.pam_ldap;
183 pam_ldap_mysql = assert mylibs.checkEnv "NIXOPS_MYSQL_PAM_PASSWORD"; 186 pam_ldap_mysql = assert mylibs.checkEnv "NIXOPS_MYSQL_PAM_PASSWORD";
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-07 06:26:21 +0000