eliribble
/
nixos-systems
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: eliribble:f57f7097c117996c39ce40188586546fab21e97b
Branches Tags
eliribble:main
...
compare: eliribble:7c7b53349a3742bebdd382bc0101d2469d998fe1
Branches Tags
eliribble:main

2 Commits
f57f7097c1 ... 7c7b53349a

Author SHA1 Message Date
Eli Ribble 7c7b53349a Disable the firewall. 
Apparently it's blocking port 80 which is making Let's Encrypt certs
fail as well as screwing with our redirect for web browsers.
 2025-01-03 09:02:48 -07:00
Eli Ribble d7aabdf198 Add ACME-based Let's Encrypt certificate for TLS 
The bare "sovr.cloud" certificate doesn't work yet, but I'm leaving it
there for now.
 2025-01-03 09:02:07 -07:00
1 changed files with 17 additions and 1 deletions
Show Stats Expand all files Collapse all files

18
sovr/etc/nixos/configuration.nix
View File

@ -41,6 +41,22 @@
programs.neovim.enable = true;
programs.neovim.defaultEditor = true;
security.acme = {
acceptTerms = true;
certs."_.sovr.cloud" = {
dnsProvider = "porkbun";
domain = "*.sovr.cloud";
environmentFile = "/opt/keys/porkbun";
group = "nginx";
};
/*certs."sovr.cloud" = {
dnsProvider = "porkbun";
domain = "sovr.cloud";
environmentFile = "/opt/keys/porkbun";
group = "nginx";
};*/
defaults.email = "eli@theribbles.org";
};
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
@ -78,7 +94,7 @@
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you