nix
/
lib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove unused options

This commit is contained in:
niten 2024-01-12 13:41:19 -08:00
parent 45b15e65fd
commit 2a27c0f7b1
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
lib/fudo/acme-certs.nix
View File

@ -122,20 +122,20 @@ in {
}; };
config = { config = {
security.acme.certs = mapAttrs (domain: domainOpts: # security.acme.certs = mapAttrs (domain: domainOpts:
{ # {
# email = domainOpts.admin-email; # # email = domainOpts.admin-email;
# webroot = cfg.challenge-path; # # webroot = cfg.challenge-path;
# group = "nginx"; # # group = "nginx";
# extraDomainNames = domainOpts.extra-domains; # # extraDomainNames = domainOpts.extra-domains;
}) localDomains; # }) localDomains;
# Assume that if we're acquiring SSL certs, we have a real IP for the # Assume that if we're acquiring SSL certs, we have a real IP for the
# host. nginx must have an acme dir for security.acme to work. # host. nginx must have an acme dir for security.acme to work.
services.nginx = mkIf hasLocalDomains { services.nginx = mkIf hasLocalDomains {
enable = true; enable = true;
recommendedTlsSettings = true; recommendedTlsSettings = true;
virtualHosts = let server-path = "/.well-known/acme-challenge"; virtualHosts = let serverPath = "/.well-known/acme-challenge";
in (mapAttrs (domain: domainOpts: { in (mapAttrs (domain: domainOpts: {
# THIS IS A HACK. Getting redundant paths. So if {domain} is configured # THIS IS A HACK. Getting redundant paths. So if {domain} is configured
# somewhere else, assume ACME is already set. # somewhere else, assume ACME is already set.
@ -151,7 +151,7 @@ in {
serverName = "_"; serverName = "_";
default = true; default = true;
locations = { locations = {
"${server-path}" = { "${serverPath}" = {
root = cfg.challenge-path; root = cfg.challenge-path;
extraConfig = "auth_basic off;"; extraConfig = "auth_basic off;";
}; };