From 7df420c27ebe7daaa4fd099c457ce9a9075b840e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Thu, 16 May 2019 23:23:05 +0200
Subject: Add certificate creation and handling to websites

---
 nixops/modules/websites/aten/default.nix | 18 ++++++------------
 1 file changed, 6 insertions(+), 12 deletions(-)

(limited to 'nixops/modules/websites/aten')

diff --git a/nixops/modules/websites/aten/default.nix b/nixops/modules/websites/aten/default.nix
index fd002a5..a9e75b6 100644
--- a/nixops/modules/websites/aten/default.nix
+++ b/nixops/modules/websites/aten/default.nix
@@ -25,13 +25,6 @@ in {
       secrets.keys = aten_prod.keys;
       services.webstats.sites = [ { name = "aten.pro"; } ];
 
-      security.acme.certs."aten" = config.services.myCertificates.certConfig // {
-        domain = "aten.pro";
-        extraDomains = {
-          "www.aten.pro" = null;
-        };
-      };
-
       services.myPhpfpm.preStart.aten_prod = aten_prod.phpFpm.preStart;
       services.myPhpfpm.serviceDependencies.aten_prod = aten_prod.phpFpm.serviceDeps;
       services.myPhpfpm.poolConfigs.aten_prod = aten_prod.phpFpm.pool;
@@ -42,15 +35,15 @@ in {
         '';
       services.websites.production.modules = aten_prod.apache.modules;
       services.websites.production.vhostConfs.aten = {
-        certName    = "aten";
-        hosts       = [ "aten.pro" "www.aten.pro" ];
-        root        = aten_prod.apache.root;
-        extraConfig = [ aten_prod.apache.vhostConf ];
+        certName     = "aten";
+        certMainHost = "aten.pro";
+        hosts        = [ "aten.pro" "www.aten.pro" ];
+        root         = aten_prod.apache.root;
+        extraConfig  = [ aten_prod.apache.vhostConf ];
       };
     })
     (lib.mkIf cfg.integration.enable {
       secrets.keys = aten_dev.keys;
-      security.acme.certs."eldiron".extraDomains."dev.aten.pro" = null;
       services.myPhpfpm.preStart.aten_dev = aten_dev.phpFpm.preStart;
       services.myPhpfpm.serviceDependencies.aten_dev = aten_dev.phpFpm.serviceDeps;
       services.myPhpfpm.poolConfigs.aten_dev = aten_dev.phpFpm.pool;
@@ -62,6 +55,7 @@ in {
       services.websites.integration.modules = aten_dev.apache.modules;
       services.websites.integration.vhostConfs.aten = {
         certName    = "eldiron";
+        addToCerts  = true;
         hosts       = [ "dev.aten.pro" ];
         root        = aten_dev.apache.root;
         extraConfig = [ aten_dev.apache.vhostConf ];
-- 
cgit v1.2.3