Skynet/misc_nixos-mailserver
7
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Preliminary multi-domain support

Browse source
This commit is contained in:
John Boehr 2017-11-09 13:13:27 -08:00
parent 3d2f41dedc
commit ebd0f656ed
No known key found for this signature in database
GPG key ID: 73B8EFB60708F699
6 changed files with 51 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

35
mail-server/nginx.nix
View file

@ -21,23 +21,34 @@ with (import ./common.nix { inherit config; });
let
cfg = config.mailserver;
allDomains = [ cfg.domain ] ++ cfg.extraDomains;
acmeRoot = "/var/lib/acme/acme-challenge";
in
{
config = with cfg; lib.mkIf (certificateScheme == 3) {
services.nginx = {
enable = true;
virtualHosts = {
domain = {
serverName = "${hostPrefix}.${domain}";
forceSSL = true;
enableACME = true;
locations."/" = {
root = "/var/www";
};
acmeRoot = "/var/lib/acme/acme-challenge";
};
};
virtualHosts = genAttrs allDomains (domain: {
serverName = "${hostPrefix}.${domain}";
forceSSL = true;
enableACME = true;
locations."/" = {
root = "/var/www";
};
acmeRoot = acmeRoot;
});
};
security.acme.certs."${hostPrefix}.${domain}" = {
# @todo what user/group should this run as?
user = "postfix"; # cfg.user;
group = "postfix"; # lib.mkDefault cfg.group;
domain = "${hostPrefix}.${domain}";
extraDomains = map (domain: "${hostPrefix}.${domain}") extraDomains;
webroot = acmeRoot;
# @todo should we reload postfix here?
postRun = ''
systemctl reload nginx
'';
};
};
}