chore: switch away from useACME

2025-12-04 15:00:13 +01:00 · 2025-05-23 03:09:40 +02:00 · 2025-05-23 03:09:40 +02:00 · 8dd8ffb3c8
commit 8dd8ffb3c8
parent a371faa29c
5 changed files with 19 additions and 8 deletions
--- a/modules/services/gokapi.nix
+++ b/modules/services/gokapi.nix
@ -1,8 +1,15 @@
-{ lib, config, pkgs, ... }: {
+{
  lib,
  config,
  pkgs,
  ...
 }:
 {
  services = {
    nginx.virtualHosts."share.liv.town" = {
      useACMEHost = "liv.town";
      forceSSL = true;
      sslCertificate = "/var/lib/acme/liv.town/cert.pem";
      sslCertificateKey = "/var/lib/acme/liv.town/key.pem";
      locations."/" = {
        proxyPass = "http://localhost:53842";
      };
--- a/modules/services/grafana.nix
+++ b/modules/services/grafana.nix
@ -11,8 +11,9 @@
    };
    nginx.virtualHosts.${config.services.grafana.domain} = {
      useACMEHost = "liv.town";
      forceSSL = true;
      sslCertificate = "/var/lib/acme/liv.town/cert.pem";
      sslCertificateKey = "/var/lib/acme/liv.town/key.pem";
      locations."/" = {
        proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}";
        proxyWebsockets = true;
--- a/modules/services/immich.nix
+++ b/modules/services/immich.nix
@ -1,11 +1,11 @@
-{ config, ... }: {
+{ config, ... }:
 {
  services.immich = {
    enable = true;
    port = 2283;
  };
  # services.nginx.virtualHosts."" = {
  #   enableACME = true;
  #   forceSSL = true;
  #   locations."/" = {
  #     proxyPass = "http://localhost:${toString config.services.immich.port}";
--- a/modules/services/invidious.nix
+++ b/modules/services/invidious.nix
@ -12,7 +12,8 @@
    virtualHosts = {
      "video.liv.town" = {
        forceSSL = true;
-        enableACME = true;
+        sslCertificate = "/var/lib/acme/liv.town/cert.pem";
        sslCertificateKey = "/var/lib/acme/liv.town/key.pem";
        locations."/".proxyPass = "http://127.0.0.1:${toString config.services.invidious.port}";
      };
    };
--- a/modules/services/ntfy.nix
+++ b/modules/services/ntfy.nix
@ -2,7 +2,8 @@ let
  hostname = "notify.liv.town";
  port = 2586;
  url = "https://" + hostname;
-in {
+in
 {
  services = {
    ntfy-sh = {
      enable = true;
@ -16,8 +17,9 @@ in {
      };
    };
    nginx.virtualHosts.${hostname} = {
      useACMEHost = "liv.town";
      forceSSL = true;
      sslCertificate = "/var/lib/acme/liv.town/cert.pem";
      sslCertificateKey = "/var/lib/acme/liv.town/key.pem";
      locations."/" = {
        proxyPass = "http://127.0.0.1:${toString port}";
        proxyWebsockets = true;