From d9768ec54e5b7820bb7bf3af5ddd91419349c6d3 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Thu, 1 Jan 2026 09:29:35 -0800 Subject: combine acme and reverse proxy configuration --- machines/argonath.nix | 3 ++- profiles/acme.nix | 12 ------------ profiles/reverse-proxy.nix | 9 +++++++++ 3 files changed, 11 insertions(+), 13 deletions(-) delete mode 100644 profiles/acme.nix diff --git a/machines/argonath.nix b/machines/argonath.nix index b35915d..1677600 100644 --- a/machines/argonath.nix +++ b/machines/argonath.nix @@ -1,7 +1,6 @@ { adminUser, ... }: { imports = [ - ../profiles/acme.nix ../profiles/core-metrics.nix ../profiles/defaults.nix ../profiles/disk/basic-vm.nix @@ -16,6 +15,8 @@ networking.hostName = "argonath"; + age.secrets.acme-cloudflare-env.file = ../secrets/acme-cloudflare-env.age; + system.stateVersion = "25.05"; # Did you read the comment? home-manager.users.${adminUser.name} = { diff --git a/profiles/acme.nix b/profiles/acme.nix deleted file mode 100644 index df04998..0000000 --- a/profiles/acme.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, ... }: -{ - age.secrets.acme-cloudflare-env.file = ../secrets/acme-cloudflare-env.age; - - security.acme.acceptTerms = true; - security.acme.defaults = { - email = "franck@fcuny.net"; - dnsResolver = "1.1.1.1:53"; - dnsProvider = "cloudflare"; - credentialsFile = config.age.secrets.acme-cloudflare-env.path; - }; -} diff --git a/profiles/reverse-proxy.nix b/profiles/reverse-proxy.nix index daf2ecb..45b42f5 100644 --- a/profiles/reverse-proxy.nix +++ b/profiles/reverse-proxy.nix @@ -1,6 +1,7 @@ { pkgs, lib, + config, ... }: let @@ -35,6 +36,14 @@ in 443 ]; + security.acme.acceptTerms = true; + security.acme.defaults = { + email = "franck@fcuny.net"; + dnsResolver = "1.1.1.1:53"; + dnsProvider = "cloudflare"; + credentialsFile = config.age.secrets.acme-cloudflare-env.path; + }; + services.nginx = { enable = true; recommendedProxySettings = true; -- cgit v1.2.3