commit c4bd57c47d5cea8a4b5b13a68d47b30902397bda (tree)
parent 6f6c863a913d059e0d589cfc70ed618e1872eff0
Author: Motiejus Jakštys <motiejus@jakstys.lt>
Date: Tue, 22 Aug 2023 14:26:47 +0300
acme for irc.jakstys.lt
Diffstat:
2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/data.nix b/data.nix
@@ -14,6 +14,7 @@ rec {
node = 9002;
};
kodi = 8080;
+ soju = 6697;
};
people_pubkeys = {
diff --git a/hosts/vno1-oh2/configuration.nix b/hosts/vno1-oh2/configuration.nix
@@ -73,6 +73,7 @@
443
myData.ports.grafana
myData.ports.prometheus
+ myData.ports.soju
];
node_exporter.enable = true;
@@ -83,6 +84,10 @@
accountKey = config.age.secrets.letsencrypt-account-key.path;
staging = false;
};
+ zones."irc.jakstys.lt" = {
+ accountKey = config.age.secrets.letsencrypt-account-key.path;
+ staging = true;
+ };
};
deployerbot = {
@@ -222,15 +227,12 @@
systemd.services = {
caddy = let
- grafanaZone = config.mj.services.nsd-acme.zones."grafana.jakstys.lt";
+ acme = config.mj.services.nsd-acme.zones."grafana.jakstys.lt";
in {
- unitConfig.ConditionPathExists = [
- grafanaZone.certFile
- grafanaZone.keyFile
- ];
+ unitConfig.ConditionPathExists = [acme.certFile acme.keyFile];
serviceConfig.LoadCredential = [
- "grafana.jakstys.lt-cert.pem:${grafanaZone.certFile}"
- "grafana.jakstys.lt-key.pem:${grafanaZone.keyFile}"
+ "grafana.jakstys.lt-cert.pem:${acme.certFile}"
+ "grafana.jakstys.lt-key.pem:${acme.keyFile}"
];
after = ["nsd-acme-grafana.jakstys.lt.service"];
wants = ["nsd-acme-grafana.jakstys.lt.service"];
