acme: provide full nginx example
(cherry picked from commit 2af7382f76a6523f1220637b3ec49ad25a02b040) Signed-off-by: Domen Kožar <domen@dev.si>
This commit is contained in:
Domen Kožar
parent
cbec6a304a
commit
d8f21b3ca3
1 changed files with 20 additions and 0 deletions
|
|
@ -74,7 +74,27 @@ options for the <literal>security.acme</literal> module.</para>
|
|||
</para>
|
||||
|
||||
<programlisting>
|
||||
security.acme.certs."foo.example.com" = {
|
||||
webroot = "/var/www/challenges";
|
||||
email = "foo@example.com";
|
||||
user = "nginx";
|
||||
group = "nginx";
|
||||
postRun = "systemctl restart nginx.service";
|
||||
};
|
||||
services.nginx.httpConfig = ''
|
||||
server {
|
||||
server_name foo.example.com;
|
||||
listen [::]:80;
|
||||
|
||||
location /.well-known/acme-challenge {
|
||||
root /var/www/challenges;
|
||||
}
|
||||
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
server_name foo.example.com;
|
||||
listen 443 ssl;
|
||||
|
|
|
|||
Loading…
Reference in a new issue