blob: bb09cd280df8ad3fca0fbb45d09ddf174362c190 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
{ ... }:
{
networking.firewall.allowedTCPPorts = [ 443 ];
services.nginx = {
enable = true;
recommendedTlsSettings = true;
virtualHosts = {
"jras.nl" = {
onlySSL = true;
kTLS = true;
enableACME = true;
root = "/persist/srv/www/jras.nl";
};
};
};
security.acme.defaults.email = "jaspert.ras@gmail.com";
security.acme.acceptTerms = true;
systemd.tmpfiles.rules = [
"L /var/lib/acme - - - - /persist/var/lib/acme"
];
}
|
