21 lines
532 B
Nix
21 lines
532 B
Nix
{ config, depot, lib, ... }:
|
|
|
|
{
|
|
security.acme = {
|
|
acceptTerms = true;
|
|
email = lib.mkDefault "letsencrypt@lukegb.com";
|
|
certs."as205479.net" = {
|
|
dnsProvider = "gcloud";
|
|
credentialsFile = depot.ops.secrets.gcpDNSCredentials;
|
|
dnsPropagationCheck = false;
|
|
};
|
|
};
|
|
services.nginx = {
|
|
enable = lib.mkDefault true;
|
|
virtualHosts."as205479.net" = {
|
|
useACMEHost = "as205479.net";
|
|
forceSSL = true;
|
|
locations."/".root = depot.web.as205479 config.networking.hostName;
|
|
};
|
|
};
|
|
}
|