cilly/flakes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

containers/fluorite: configure ssl cert correctly
Some checks are pending
CI / Build linux-lava for x86_64-linux (push) Waiting to run
Details

Browse source
This commit is contained in:
Cilly Leang 2026-06-16 23:22:18 +10:00
parent 042a04cbfc
commit f1defd435a
Signed by: cilly
GPG key ID: 6500251E087653C9
1 changed files with 4 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

6
containers/fluorite/flake.nix
View file

@ -28,7 +28,8 @@
inherit modules; inherit modules;
}; };
nixosModule = { config, ... }: let nixosModule = { config, ... }: let
altfqdn = "fluorite.${config.networking.hostName}.lava.moe"; hostfqdn = "${config.networking.hostName}.lava.moe";
altfqdn = "fluorite.${hostfqdn}";
# TODO: HACK # TODO: HACK
listenAddr = if (config.networking.hostName == "alyssum") listenAddr = if (config.networking.hostName == "alyssum")
then [ "100.67.2.1" ] then [ "100.67.2.1" ]
@ -48,8 +49,9 @@
listenAddresses = listenAddr; listenAddresses = listenAddr;
}; };
security.acme.certs.${hostfqdn} = { extraDomainNames = [ "*.${hostfqdn}" ]; };
services.nginx.virtualHosts."${altfqdn}" = { services.nginx.virtualHosts."${altfqdn}" = {
useACMEHost = "lava.moe"; useACMEHost = hostfqdn;
forceSSL = true; forceSSL = true;
locations."/".proxyPass = "http://[${client}]:5030"; locations."/".proxyPass = "http://[${client}]:5030";
listenAddresses = listenAddr; listenAddresses = listenAddr;