diff options
author | Ben Sima <ben@bsima.me> | 2025-01-03 16:56:39 -0500 |
---|---|---|
committer | Ben Sima <ben@bsima.me> | 2025-01-03 16:56:39 -0500 |
commit | 178a4fab6cdb5cbde6535d131d3341dba811db32 (patch) | |
tree | b64d1a6bec4342dda603cf7b1f626f2085e6473f /Omni/Cloud/Web.nix | |
parent | 34ed368a9f95e49fe0fe9bce28dd20714edbb155 (diff) |
Get xmpp uploads working again
The problem was that the ssl cert wasn't renewing. I added the domains to the
nginx config, and cleaned up some other stuff. During debug I also udpated
nixos-mailserver and nixos stable because I thought it would fix something; it
didn't but I might as well use the updated versions of stuff since it seems to
still work fine.
Diffstat (limited to 'Omni/Cloud/Web.nix')
-rw-r--r-- | Omni/Cloud/Web.nix | 68 |
1 files changed, 44 insertions, 24 deletions
diff --git a/Omni/Cloud/Web.nix b/Omni/Cloud/Web.nix index 1791539..84f87d4 100644 --- a/Omni/Cloud/Web.nix +++ b/Omni/Cloud/Web.nix @@ -17,6 +17,8 @@ in { ]; }; + users.users.nginx.extraGroups = ["acme"]; + services = { libreddit = { enable = true; @@ -115,7 +117,6 @@ in { names.bensima = "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436"; } }'"; - # disabled for nixpert test "/" = { root = "/var/web/simatime.com"; extraConfig = '' @@ -133,6 +134,24 @@ in { }; }; + # these are for xmpp, not sure if they are necessary but they seem to be? + "conference.${rootDomain}" = { + forceSSL = true; + useACMEHost = rootDomain; + locations."/" = { + root = "/var/web/simatime.com"; + extraConfig = "autoindex on;"; + }; + }; + "upload.${rootDomain}" = { + forceSSL = true; + useACMEHost = rootDomain; + locations."/" = { + root = "/var/web/simatime.com"; + extraConfig = "autoindex on;"; + }; + }; + "bsima.me" = { locations."/" = { root = "/var/web/ben"; @@ -265,27 +284,28 @@ in { }; }; - # This must contain all of the other domains we host - security.acme.certs.${rootDomain}.extraDomainNames = - ["bsima.me" "www.bsima.me"] - ++ map (sub: "${sub}.${rootDomain}") [ - "music" - "tv" - "matrix" - "chat" - "hoogle" - "dandel-rovbur" - "sabten" - "cal" - "notebook" - "nostr" - "reddit" - "old.reddit" - "www.reddit" - "youtube" - "www.youtube" - "m.youtube" - "sd" - "gerrit" - ]; + security.acme.certs.${rootDomain} = { + group = "nginx"; + # This must contain all of the other domains we host + extraDomainNames = + ["bsima.me" "www.bsima.me"] + ++ map (sub: "${sub}.${rootDomain}") [ + "music" + "tv" + "hoogle" + "dandel-rovbur" + "sabten" + "cal" + "notebook" + "nostr" + "youtube" + "www.youtube" + "m.youtube" + "sd" + "gerrit" + # xmpp stuff + "upload" + "conference" + ]; + }; } |