Merge pull request 'refactor(jitsi): Use the common TLS cert for Jitsi' (#33) from jitsi-tls-fix into master

Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/pulls/33
This commit is contained in:
Inex Code 2023-06-09 16:01:09 +03:00
commit 8006f83257
2 changed files with 8 additions and 6 deletions

View file

@ -11,6 +11,7 @@ in
defaults = {
email = "${cfg.username}@${cfg.domain}";
server = if cfg.dns.useStagingACME then "https://acme-staging-v02.api.letsencrypt.org/directory" else "https://acme-v02.api.letsencrypt.org/directory";
dnsPropagationCheck = false;
};
certs = lib.mkForce {
"${cfg.domain}" = {
@ -20,12 +21,6 @@ in
dnsProvider = lib.strings.toLower cfg.dns.provider;
credentialsFile = "/var/lib/cloudflare/Credentials.ini";
};
"meet.${cfg.domain}" = {
domain = "meet.${cfg.domain}";
group = "acmerecievers";
dnsProvider = lib.strings.toLower cfg.dns.provider;
credentialsFile = "/var/lib/cloudflare/Credentials.ini";
};
};
};
}

View file

@ -151,6 +151,13 @@ in
};
};
};
"meet.${domain}" = {
sslCertificate = "/var/lib/acme/${domain}/fullchain.pem";
sslCertificateKey = "/var/lib/acme/${domain}/key.pem";
forceSSL = true;
useACMEHost = domain;
enableACME = false;
};
};
};
}