Richie/dotfiles
1
0
Fork 0
mirror of https://github.com/RichieCahill/dotfiles.git synced 2026-04-27 09:19:09 -04:00
Code Issues Packages Projects Releases Wiki Activity

adding nornsight

Browse Source
This commit is contained in:
Richie Cahill
2026-04-25 14:37:26 -04:00
parent 0d0ed5445a
commit 73e221716f
9 changed files with 70 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
systems/jeeves/web_services/acme.nix
View File

@@ -5,7 +5,9 @@ let
"gitea"
"jellyfin"
"share"
"verilux"
];
extraDomains = [ "www.norn-sight.com" ];
makeCert = name: {
name = "${name}.tmmworkshop.com";
@@ -16,7 +18,18 @@ let
};
};
acmeServices = map (domain: "acme-${domain}.tmmworkshop.com.service") domains;
makeExtraCert = name: {
inherit name;
value = {
webroot = "/var/lib/acme/.challenges";
group = "acme";
reloadServices = [ "haproxy.service" ];
};
};
acmeServices =
map (domain: "acme-${domain}.tmmworkshop.com.service") domains
++ map (domain: "acme-${domain}.service") extraDomains;
in
{
users.users.haproxy.extraGroups = [ "acme" ];
@@ -24,7 +37,7 @@ in
security.acme = {
acceptTerms = true;
defaults.email = "Richie@tmmworkshop.com";
certs = builtins.listToAttrs (map makeCert domains);
certs = builtins.listToAttrs ((map makeCert domains) ++ (map makeExtraCert extraDomains));
};
# Minimal nginx to serve ACME HTTP-01 challenge files for HAProxy