diff options
Diffstat (limited to 'nodes/snorlax/nginx.nix')
| -rw-r--r-- | nodes/snorlax/nginx.nix | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/nodes/snorlax/nginx.nix b/nodes/snorlax/nginx.nix new file mode 100644 index 0000000..bb09cd2 --- /dev/null +++ b/nodes/snorlax/nginx.nix @@ -0,0 +1,25 @@ +{ ... }: +{ + networking.firewall.allowedTCPPorts = [ 443 ]; + + services.nginx = { + enable = true; + recommendedTlsSettings = true; + + virtualHosts = { + "jras.nl" = { + onlySSL = true; + kTLS = true; + enableACME = true; + root = "/persist/srv/www/jras.nl"; + }; + }; + }; + + security.acme.defaults.email = "jaspert.ras@gmail.com"; + security.acme.acceptTerms = true; + + systemd.tmpfiles.rules = [ + "L /var/lib/acme - - - - /persist/var/lib/acme" + ]; +} |