1 files changed, 23 insertions, 0 deletions
diff --git a/systems/zoldene/certificates.nix b/systems/zoldene/certificates.nix
new file mode 100644
index 0000000..d6ffd12
--- /dev/null
+++ b/systems/zoldene/certificates.nix
@@ -0,0 +1,23 @@
+{ ... }:
+{
+  disko.devices.zpool.zfast.datasets."root/persist/var/lib/acme" =
+    { type = "zfs_fs"; mountpoint = "/persist/zfast/var/lib/acme"; options.mountpoint = "legacy"; };
+  environment.persistence."/persist/zfast".directories = [
+    {
+      directory = "/var/lib/acme";
+      user = "root";
+      group = "root";
+      mode = "0755";
+    }
+  ];
+  users.users.nginx.extraGroups = [ "acme" ];
+  services.nginx = {
+    enable = true;
+    recommendedOptimisation = true;
+    recommendedGzipSettings = true;
+    recommendedProxySettings = true;
+  };
+}

diff --git a/systems/zoldene/certificates.nix b/systems/zoldene/certificates.nix new file mode 100644 index 0000000..d6ffd12 --- /dev/null +++ b/systems/zoldene/certificates.nix
@@ -0,0 +1,23 @@
	1	{ ... }:
	2	{
	3	disko.devices.zpool.zfast.datasets."root/persist/var/lib/acme" =
	4	{ type = "zfs_fs"; mountpoint = "/persist/zfast/var/lib/acme"; options.mountpoint = "legacy"; };
	5
	6	environment.persistence."/persist/zfast".directories = [
	7	{
	8	directory = "/var/lib/acme";
	9	user = "root";
	10	group = "root";
	11	mode = "0755";
	12	}
	13	];
	14
	15	users.users.nginx.extraGroups = [ "acme" ];
	16	services.nginx = {
	17	enable = true;
	18	recommendedOptimisation = true;
	19	recommendedGzipSettings = true;
	20	recommendedProxySettings = true;
	21	};
	22
	23	}