forked from the-distro/infra
ofborg: enable nginx for certs
This commit is contained in:
parent
4f1378937f
commit
cae763e8dd
|
@ -26,10 +26,12 @@ in {
|
||||||
webroot = "/var/lib/acme/.challenges";
|
webroot = "/var/lib/acme/.challenges";
|
||||||
group = "rabbitmq";
|
group = "rabbitmq";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.nginx.enable = true;
|
||||||
services.nginx.virtualHosts.${amqpHost}.locations."/.well-known/acme-challenge".root =
|
services.nginx.virtualHosts.${amqpHost}.locations."/.well-known/acme-challenge".root =
|
||||||
"/var/lib/acme/.challenges";
|
"/var/lib/acme/.challenges";
|
||||||
systemd.services.rabbitmq.requires = ["acme-finished-${amqpHost}.target"];
|
systemd.services.rabbitmq.requires = ["acme-finished-${amqpHost}.target"];
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ amqpPort ];
|
networking.firewall.allowedTCPPorts = [ 80 443 amqpPort ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue