summaryrefslogtreecommitdiff
path: root/Omni/Cloud/Web.nix
diff options
context:
space:
mode:
authorBen Sima <ben@bsima.me>2025-01-03 16:56:39 -0500
committerBen Sima <ben@bsima.me>2025-01-03 16:56:39 -0500
commit178a4fab6cdb5cbde6535d131d3341dba811db32 (patch)
treeb64d1a6bec4342dda603cf7b1f626f2085e6473f /Omni/Cloud/Web.nix
parent34ed368a9f95e49fe0fe9bce28dd20714edbb155 (diff)
Get xmpp uploads working again
The problem was that the ssl cert wasn't renewing. I added the domains to the nginx config, and cleaned up some other stuff. During debug I also udpated nixos-mailserver and nixos stable because I thought it would fix something; it didn't but I might as well use the updated versions of stuff since it seems to still work fine.
Diffstat (limited to 'Omni/Cloud/Web.nix')
-rw-r--r--Omni/Cloud/Web.nix68
1 files changed, 44 insertions, 24 deletions
diff --git a/Omni/Cloud/Web.nix b/Omni/Cloud/Web.nix
index 1791539..84f87d4 100644
--- a/Omni/Cloud/Web.nix
+++ b/Omni/Cloud/Web.nix
@@ -17,6 +17,8 @@ in {
];
};
+ users.users.nginx.extraGroups = ["acme"];
+
services = {
libreddit = {
enable = true;
@@ -115,7 +117,6 @@ in {
names.bensima = "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436";
}
}'";
- # disabled for nixpert test
"/" = {
root = "/var/web/simatime.com";
extraConfig = ''
@@ -133,6 +134,24 @@ in {
};
};
+ # these are for xmpp, not sure if they are necessary but they seem to be?
+ "conference.${rootDomain}" = {
+ forceSSL = true;
+ useACMEHost = rootDomain;
+ locations."/" = {
+ root = "/var/web/simatime.com";
+ extraConfig = "autoindex on;";
+ };
+ };
+ "upload.${rootDomain}" = {
+ forceSSL = true;
+ useACMEHost = rootDomain;
+ locations."/" = {
+ root = "/var/web/simatime.com";
+ extraConfig = "autoindex on;";
+ };
+ };
+
"bsima.me" = {
locations."/" = {
root = "/var/web/ben";
@@ -265,27 +284,28 @@ in {
};
};
- # This must contain all of the other domains we host
- security.acme.certs.${rootDomain}.extraDomainNames =
- ["bsima.me" "www.bsima.me"]
- ++ map (sub: "${sub}.${rootDomain}") [
- "music"
- "tv"
- "matrix"
- "chat"
- "hoogle"
- "dandel-rovbur"
- "sabten"
- "cal"
- "notebook"
- "nostr"
- "reddit"
- "old.reddit"
- "www.reddit"
- "youtube"
- "www.youtube"
- "m.youtube"
- "sd"
- "gerrit"
- ];
+ security.acme.certs.${rootDomain} = {
+ group = "nginx";
+ # This must contain all of the other domains we host
+ extraDomainNames =
+ ["bsima.me" "www.bsima.me"]
+ ++ map (sub: "${sub}.${rootDomain}") [
+ "music"
+ "tv"
+ "hoogle"
+ "dandel-rovbur"
+ "sabten"
+ "cal"
+ "notebook"
+ "nostr"
+ "youtube"
+ "www.youtube"
+ "m.youtube"
+ "sd"
+ "gerrit"
+ # xmpp stuff
+ "upload"
+ "conference"
+ ];
+ };
}