mirror of
https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect.git
synced 2024-11-25 13:01:28 +00:00
Added certificate resolution redundancy. Implemented nginx config reload on resolve success
This commit is contained in:
parent
9d6c8cc638
commit
cfdee451dd
23
nixos-infect
23
nixos-infect
|
@ -48,6 +48,7 @@ makeConf() {
|
|||
./social/pleroma-module.nix
|
||||
./social/pleroma.nix
|
||||
./letsencrypt/acme.nix
|
||||
./letsencrypt/resolve.nix
|
||||
./backup/restic.nix
|
||||
./passmgr/bitwarden.nix
|
||||
./webserver/nginx.nix
|
||||
|
@ -254,6 +255,27 @@ EOF
|
|||
};
|
||||
};
|
||||
}
|
||||
EOF
|
||||
cat > /etc/nixos/letsencrypt/resolve.nix << EOF
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
systemd = {
|
||||
services = {
|
||||
"acme-$DOMAIN" = {
|
||||
serviceConfig = {
|
||||
StartLimitBurst = 5;
|
||||
StartLimitIntervalSec = 5;
|
||||
Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
"nginx-config-reload" = {
|
||||
serviceConfig = {
|
||||
After = [ "acme-$DOMAIN.service" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
EOF
|
||||
|
||||
cat > /etc/nixos/backup/restic.nix << EOF
|
||||
|
@ -311,6 +333,7 @@ EOF
|
|||
{
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
enableReload = true;
|
||||
recommendedGzipSettings = true;
|
||||
recommendedOptimisation = true;
|
||||
recommendedProxySettings = true;
|
||||
|
|
Loading…
Reference in a new issue