services/website.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

{ webroot }: { config, lib, pkgs, ... }:
let 
fqdn = "crashoverburn.com";
in
{
  users.users.nginx.extraGroups = [ "acme" ];
  security.acme.certs."${fqdn}" = 
  {
    extraDomainNames=  map (x: "${x}.${fqdn}") 
        [
            "pubsub"
            "proxy"
            "upload"
            "conference"
            "social"
            "pics.social"
          ];
    webroot = "/var/lib/acme/acme-challenge/";
  };
  services.nginx = {
    enable = true;
    virtualHosts = {
      "${fqdn}" = {
        forceSSL = true;
        enableACME = true;
        #useACMEHost = "crashoverburn.com";
        locations."/".root = webroot;
      };
      "crashoverburn.online" = {
        forceSSL = true;
        #useACMEHost = "crashoverburn.com";
        enableACME = true;
         locations."/".root = webroot;
      };
    };
  };
}