44 lines
792 B
Nix
44 lines
792 B
Nix
# Starts an Nginx server on $HOSTNAME just to get a cert for this host
|
|
|
|
{ config, pkgs, environment, ... }:
|
|
|
|
let
|
|
hostname = config.networking.hostName;
|
|
|
|
wwwRoot = pkgs.writeTextFile {
|
|
name = "index.html";
|
|
|
|
text = ''
|
|
<html>
|
|
<head>
|
|
<title>${hostname}</title>
|
|
</head>
|
|
<body>
|
|
<h1>${hostname}</title>
|
|
</body>
|
|
</html>
|
|
'';
|
|
destination = "/www";
|
|
};
|
|
|
|
in {
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
recommendedGzipSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedTlsSettings = true;
|
|
|
|
virtualHosts."${hostname}" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
root = wwwRoot + ("/" + "www");
|
|
};
|
|
};
|
|
|
|
security.acme.certs = {
|
|
${hostname}.email = "admin@fudo.org";
|
|
};
|
|
}
|