Use letsencrypt to generate the TLS certificate

author: EuAndreh <eu@euandre.org> 2020-08-15 19:53:13 -0300
committer: EuAndreh <eu@euandre.org> 2020-08-15 19:53:13 -0300
commit: f3a78189af1acec3fe54bb35b9db259cd7e6cef3 (patch)
tree: 2e43c6ae47644fc4765fc83b9a4706b7270f4b90 /vps-configuration.env.nix
parent: Remove duplicate letsencryptEmail entry (diff)
download: server-f3a78189af1acec3fe54bb35b9db259cd7e6cef3.tar.gz
server-f3a78189af1acec3fe54bb35b9db259cd7e6cef3.tar.xz
1 files changed, 4 insertions, 11 deletions
diff --git a/vps-configuration.env.nix b/vps-configuration.env.nix
index ad24f83..a521bc7 100644
--- a/vps-configuration.env.nix
+++ b/vps-configuration.env.nix
@@ -73,17 +73,6 @@ in {
   security.acme = {
     acceptTerms = true;
     email = envsubstConfiguration.letsencryptEmail;
-    certs = {
-      "${envsubstConfiguration.prosodyTLD}" = {
-        webroot = "/var/www/${envsubstConfiguration.prosodyTLD}";
-        user = "prosody";
-        group = "prosody";
-        extraDomains = {
-          "${envsubstConfiguration.prosodyMUCTLD}" = null;
-          "${envsubstConfiguration.prosodyHTTPUploadTLD}" = null;
-        };
-      };
-    };
   };
 
   services = {
@@ -116,6 +105,10 @@ in {
           enableACME = true;
           root = boneco;
         };
+        "${envsubstConfiguration.prosodyTLD}" = {
+          forceSSL = true;
+          enableACME = true;
+        };
       };
     };
author	EuAndreh <eu@euandre.org>	2020-08-15 19:53:13 -0300
committer	EuAndreh <eu@euandre.org>	2020-08-15 19:53:13 -0300
commit	f3a78189af1acec3fe54bb35b9db259cd7e6cef3 (patch)
tree	2e43c6ae47644fc4765fc83b9a4706b7270f4b90 /vps-configuration.env.nix
parent	Remove duplicate letsencryptEmail entry (diff)
download	server-f3a78189af1acec3fe54bb35b9db259cd7e6cef3.tar.gz server-f3a78189af1acec3fe54bb35b9db259cd7e6cef3.tar.xz