From 36f1c9edf79d7d9e74135954a1280233cff5a681 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kjetil=20=C3=98rbekk?= Date: Wed, 26 Feb 2020 21:53:23 -0500 Subject: Upgrade dragon to NixOS 20.03 --- config/mail-server.nix | 10 +++++----- config/web-server.nix | 13 ++++++++----- 2 files changed, 13 insertions(+), 10 deletions(-) (limited to 'config') diff --git a/config/mail-server.nix b/config/mail-server.nix index 4303912..9ea07f7 100644 --- a/config/mail-server.nix +++ b/config/mail-server.nix @@ -3,8 +3,8 @@ networking.firewall.allowedTCPPorts = [ 25 465 587 ]; services.dovecot2 = { enable = true; - sslServerCert = "${config.security.acme.directory}/shape.orbekk.com/fullchain.pem"; - sslServerKey = "${config.security.acme.directory}/shape.orbekk.com/key.pem"; + sslServerCert = "/var/lib/acme/shape.orbekk.com/fullchain.pem"; + sslServerKey = "/var/lib/acme/shape.orbekk.com/key.pem"; enablePAM = false; extraConfig = '' passdb { @@ -75,8 +75,8 @@ kasiunia: ${katharina} kat: ${katharina} lise: ${lise} ''; - sslCert = "${config.security.acme.directory}/shape.orbekk.com/fullchain.pem"; - sslCACert = "${config.security.acme.directory}/shape.orbekk.com/fullchain.pem"; - sslKey = "${config.security.acme.directory}/shape.orbekk.com/key.pem"; + sslCert = "/var/lib/acme/shape.orbekk.com/fullchain.pem"; + sslCACert = "/var/lib/acme/shape.orbekk.com/fullchain.pem"; + sslKey = "/var/lib/acme/shape.orbekk.com/key.pem"; }; } diff --git a/config/web-server.nix b/config/web-server.nix index 77a508a..bd2c35d 100644 --- a/config/web-server.nix +++ b/config/web-server.nix @@ -6,6 +6,9 @@ { imports = [ ./orbekk-pkgs.nix ]; + security.acme.acceptTerms = true; + security.acme.email = "kj@orbekk.com"; + networking.firewall.allowedTCPPorts = [ 80 443 ]; services.nginx = { enable = true; @@ -49,17 +52,17 @@ autoindex on; ''; }; - locations."/stats" = { + locations."/stats/" = { alias = "/var/lib/stats/out/"; extraConfig = "autoindex on;"; }; - locations."/munin" = { + locations."/munin/" = { alias = "/var/www/munin/"; extraConfig = "autoindex on;"; }; - locations."/mpd" = { - proxyPass = "http://${mpd_loc.address}:${toString mpd_loc.port}/"; - }; + locations."/mpd" = { + proxyPass = "http://${mpd_loc.address}:${toString mpd_loc.port}/"; + }; #locations."/systemd" = { # proxyPass = "http://10.0.20.15:11105/"; #}; -- cgit v1.2.3