newell
/
nix-scripts
forked from M-Labs/nix-scripts
1
0
Fork 0
Code Pull Requests Activity

use single ACME certificate

This commit is contained in:
Sebastien Bourdeauducq 2019-04-01 19:47:47 +08:00
parent b2b17779f7
commit 7e3a95f280
1 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
nixbld-etc-nixos/configuration.nix
View File

@ -132,33 +132,44 @@ ACTION=="add", SUBSYSTEM=="tty", \
siteUrl = "https://chat.m-labs.hk/";
};
security.acme.certs = {
"nixbld.m-labs.hk" = {
webroot = "/var/lib/acme/acme-challenge";
extraDomains = {
"buildbot.m-labs.hk" = null;
"lab.m-labs.hk" = null;
"git.m-labs.hk" = null;
"chat.m-labs.hk" = null;
};
};
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"buildbot.m-labs.hk" = {
addSSL = true;
enableACME = true;
useACMEHost = "nixbld.m-labs.hk";
locations."/".proxyPass = "http://192.168.1.100";
};
"lab.m-labs.hk" = {
addSSL = true;
enableACME = true;
useACMEHost = "nixbld.m-labs.hk";
locations."/".proxyPass = "http://192.168.1.100";
};
"nixbld.m-labs.hk" = {
forceSSL = true;
enableACME = true;
useACMEHost = "nixbld.m-labs.hk";
locations."/".proxyPass = "http://127.0.0.1:3000";
};
"git.m-labs.hk" = {
forceSSL = true;
enableACME = true;
useACMEHost = "nixbld.m-labs.hk";
locations."/".proxyPass = "http://127.0.0.1:3001";
};
"chat.m-labs.hk" = {
forceSSL = true;
enableACME = true;
useACMEHost = "nixbld.m-labs.hk";
locations."/".proxyPass = "http://127.0.0.1:8065";
};
};