nginx: generate certificates for custom domains and subdomains

This commit is contained in:
Izorkin 2018-11-16 14:11:31 +03:00 committed by Izorkin
parent 7c7ed5ce06
commit f3d967f830
No known key found for this signature in database
GPG key ID: 1436C1B3F3679F09
3 changed files with 17 additions and 0 deletions

View file

@ -44,6 +44,13 @@ in
description = "The domains that this mail server serves.";
};
certificateDomains = mkOption {
type = types.listOf types.str;
example = [ "imap.example.com" "pop3.example.com" ];
default = [];
description = "Secondary domains and subdomains for which it is necessary to generate a certificate.";
};
messageSizeLimit = mkOption {
type = types.int;
example = 52428800;

View file

@ -595,6 +595,15 @@ certificate is valid for 10 years.
- Default: ``/var/certs``
mailserver.certificateDomains
-----------------------------
Secondary domains and subdomains for which it is necessary to generate a certificate.
- Type: ``list of strings``
- Default: ``[]``
mailserver.certificateFile
--------------------------

View file

@ -29,6 +29,7 @@ in
enable = true;
virtualHosts."${cfg.fqdn}" = {
serverName = cfg.fqdn;
serverAliases = cfg.certificateDomains;
forceSSL = true;
enableACME = true;
acmeRoot = acmeRoot;