summaryrefslogtreecommitdiff
path: root/os/kay/modules
diff options
context:
space:
mode:
Diffstat (limited to 'os/kay/modules')
-rw-r--r--os/kay/modules/acme.nix31
-rw-r--r--os/kay/modules/www.nix20
2 files changed, 7 insertions, 44 deletions
diff --git a/os/kay/modules/acme.nix b/os/kay/modules/acme.nix
index 86ae165..00819e7 100644
--- a/os/kay/modules/acme.nix
+++ b/os/kay/modules/acme.nix
@@ -2,39 +2,22 @@
email = config.global.userdata.email;
domain = config.global.userdata.domain;
- domain_angelo = "angeloantony.com";
- secret_path_angelo = "misc/angelo_cloudflare_dns_api_token";
-
environmentFile =
pkgs.writeText "acme-dns" "RFC2136_NAMESERVER='[2001:470:ee65::1]:53'";
in {
- sops.secrets.${secret_path_angelo} = {};
-
security.acme = {
acceptTerms = true;
defaults.email = email;
- certs = {
- ${domain_angelo} = {
- domain = domain_angelo;
- extraDomainNames = [ "*.${domain_angelo}" ];
-
- dnsProvider = "cloudflare";
- credentialFiles.CLOUDFLARE_DNS_API_TOKEN_FILE = config.sops.secrets.${secret_path_angelo}.path;
-
- group = config.services.nginx.group;
- };
-
- ${domain} = {
- inherit domain;
- extraDomainNames = [ "*.${domain}" ];
+ certs.${domain} = {
+ inherit domain;
+ extraDomainNames = [ "*.${domain}" ];
- dnsProvider = "rfc2136";
- dnsPropagationCheck = false; # local DNS server
+ dnsProvider = "rfc2136";
+ dnsPropagationCheck = false; # local DNS server
- inherit environmentFile;
- group = config.services.nginx.group;
- };
+ inherit environmentFile;
+ group = config.services.nginx.group;
};
};
}
diff --git a/os/kay/modules/www.nix b/os/kay/modules/www.nix
index 725abb9..54ff8d2 100644
--- a/os/kay/modules/www.nix
+++ b/os/kay/modules/www.nix
@@ -2,10 +2,6 @@
let
domain = config.global.userdata.domain;
-
- domain_angelo = "angeloantony.com";
- ip_angelo = "10.0.1.6";
-
storage = "/hdd/users/sftp/shr";
in
{
@@ -104,22 +100,6 @@ in
};
};
- ".${domain_angelo}" = defaultOpts // {
- useACMEHost = domain_angelo;
-
- extraConfig = ''
- proxy_buffering off;
- proxy_request_buffering off;
- client_max_body_size 0;
- '';
-
- locations."/" = {
- proxyWebsockets = true;
- proxyPass =
- "http://${ip_angelo}";
- };
- };
-
"${config.services.grafana.settings.server.domain}" = defaultOpts // {
extraConfig = ''
proxy_buffering off;