diff options
author | Kjetil Ørbekk <kj@orbekk.com> | 2020-02-26 21:53:23 -0500 |
---|---|---|
committer | Kjetil Ørbekk <kj@orbekk.com> | 2020-02-26 21:53:23 -0500 |
commit | 36f1c9edf79d7d9e74135954a1280233cff5a681 (patch) | |
tree | 9953d73e8b9ebba66a65aff24d2a070d55213221 /config | |
parent | a3778e547e13c1e0b6b4d1d75a4c2cc700773982 (diff) |
Upgrade dragon to NixOS 20.03
Diffstat (limited to 'config')
-rw-r--r-- | config/mail-server.nix | 10 | ||||
-rw-r--r-- | config/web-server.nix | 13 |
2 files changed, 13 insertions, 10 deletions
diff --git a/config/mail-server.nix b/config/mail-server.nix index 4303912..9ea07f7 100644 --- a/config/mail-server.nix +++ b/config/mail-server.nix @@ -3,8 +3,8 @@ networking.firewall.allowedTCPPorts = [ 25 465 587 ]; services.dovecot2 = { enable = true; - sslServerCert = "${config.security.acme.directory}/shape.orbekk.com/fullchain.pem"; - sslServerKey = "${config.security.acme.directory}/shape.orbekk.com/key.pem"; + sslServerCert = "/var/lib/acme/shape.orbekk.com/fullchain.pem"; + sslServerKey = "/var/lib/acme/shape.orbekk.com/key.pem"; enablePAM = false; extraConfig = '' passdb { @@ -75,8 +75,8 @@ kasiunia: ${katharina} kat: ${katharina} lise: ${lise} ''; - sslCert = "${config.security.acme.directory}/shape.orbekk.com/fullchain.pem"; - sslCACert = "${config.security.acme.directory}/shape.orbekk.com/fullchain.pem"; - sslKey = "${config.security.acme.directory}/shape.orbekk.com/key.pem"; + sslCert = "/var/lib/acme/shape.orbekk.com/fullchain.pem"; + sslCACert = "/var/lib/acme/shape.orbekk.com/fullchain.pem"; + sslKey = "/var/lib/acme/shape.orbekk.com/key.pem"; }; } diff --git a/config/web-server.nix b/config/web-server.nix index 77a508a..bd2c35d 100644 --- a/config/web-server.nix +++ b/config/web-server.nix @@ -6,6 +6,9 @@ { imports = [ ./orbekk-pkgs.nix ]; + security.acme.acceptTerms = true; + security.acme.email = "kj@orbekk.com"; + networking.firewall.allowedTCPPorts = [ 80 443 ]; services.nginx = { enable = true; @@ -49,17 +52,17 @@ autoindex on; ''; }; - locations."/stats" = { + locations."/stats/" = { alias = "/var/lib/stats/out/"; extraConfig = "autoindex on;"; }; - locations."/munin" = { + locations."/munin/" = { alias = "/var/www/munin/"; extraConfig = "autoindex on;"; }; - locations."/mpd" = { - proxyPass = "http://${mpd_loc.address}:${toString mpd_loc.port}/"; - }; + locations."/mpd" = { + proxyPass = "http://${mpd_loc.address}:${toString mpd_loc.port}/"; + }; #locations."/systemd" = { # proxyPass = "http://10.0.20.15:11105/"; #}; |