Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

hosts: dmz: acme: increase propagation timeout, use wildcard

Browse Source
This commit is contained in:
Kabbone
2024-06-02 12:27:03 +02:00
parent 5824207566
commit 54aeb48839
3 changed files with 43 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
modules/services/dmz/hydra.nix
View File

@@ -5,7 +5,7 @@
hydra = {
enable = true;
hydraURL = "https://hydra.home.opel-online.de";
listenHost = "localhost";
listenHost = "127.0.0.1";
notificationSender = "hydra@localhost";
useSubstitutes = true;
minimumDiskFree = 30;
@@ -19,13 +19,19 @@
nginx = {
enable = true;
virtualHosts = {
"hydra.home.opel-online.de" = {
"home.opel-online.de" = {
enableACME = true;
forceSSL = true;
default = true;
locations."/".return = "503";
};
"hydra.home.opel-online.de" = {
useACMEHost = "home.opel-online.de";
forceSSL = true;
locations."/".proxyPass = "http://localhost:3000";
};
"cache.home.opel-online.de" = {
enableACME = true;
useACMEHost = "home.opel-online.de";
forceSSL = true;
locations."/".proxyPass = "http://localhost:5001";
};
@@ -38,17 +44,18 @@
defaults = {
email = "webmaster@kabtop.de";
#server = "https://acme-staging-v02.api.letsencrypt.org/directory";
dnsResolver = "1.1.1.1:53";
};
certs = {
"hydra.home.opel-online.de" = {
dnsProvider = "netcup";
environmentFile = config.age.secrets."services/acme/opel-online".path;
webroot = null;
};
"cache.home.opel-online.de" = {
"home.opel-online.de" = {
domain = "*.home.opel-online.de";
dnsProvider = "netcup";
environmentFile = config.age.secrets."services/acme/opel-online".path;
webroot = null;
#extraDomainNames = [
# "hydra.home.opel-online.de"
# "cache.home.opel-online.de"
#];
};
};
};