ambroisie/nix-config
ambroisie/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

modules: services: nginx: fix SSL renewal

Browse source 
See this issue [1].

[1]: https://github.com/go-acme/lego/issues/1772.
This commit is contained in:
Bruno BELANYI 2022-11-29 17:19:24 +01:00
parent b85a98c377
commit 1e10c6630b
1 changed files with 11 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
modules/services/nginx/default.nix
View file

@ -3,6 +3,8 @@
let let
cfg = config.my.services.nginx; cfg = config.my.services.nginx;
domain = config.networking.domain;
virtualHostOption = with lib; types.submodule { virtualHostOption = with lib; types.submodule {
options = { options = {
subdomain = mkOption { subdomain = mkOption {
@ -392,10 +394,6 @@ in
acceptTerms = true; acceptTerms = true;
# Use DNS wildcard certificate # Use DNS wildcard certificate
certs = certs =
let
domain = config.networking.domain;
in
with pkgs;
{ {
"${domain}" = { "${domain}" = {
extraDomainNames = [ "*.${domain}" ]; extraDomainNames = [ "*.${domain}" ];
@ -405,6 +403,15 @@ in
}; };
}; };
systemd.services."acme-${domain}" = {
serviceConfig = {
Environment = [
# Since I do a "weird" setup with a wildcard CNAME
"LEGO_DISABLE_CNAME_SUPPORT=true"
];
};
};
services.grafana.provision.dashboards.settings.providers = lib.mkIf cfg.monitoring.enable [ services.grafana.provision.dashboards.settings.providers = lib.mkIf cfg.monitoring.enable [
{ {
name = "NGINX"; name = "NGINX";