nginx: generate certificates for custom domains and subdomains
This commit is contained in:
parent
7c7ed5ce06
commit
f3d967f830
3 changed files with 17 additions and 0 deletions
|
@ -44,6 +44,13 @@ in
|
||||||
description = "The domains that this mail server serves.";
|
description = "The domains that this mail server serves.";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
certificateDomains = mkOption {
|
||||||
|
type = types.listOf types.str;
|
||||||
|
example = [ "imap.example.com" "pop3.example.com" ];
|
||||||
|
default = [];
|
||||||
|
description = "Secondary domains and subdomains for which it is necessary to generate a certificate.";
|
||||||
|
};
|
||||||
|
|
||||||
messageSizeLimit = mkOption {
|
messageSizeLimit = mkOption {
|
||||||
type = types.int;
|
type = types.int;
|
||||||
example = 52428800;
|
example = 52428800;
|
||||||
|
|
|
@ -595,6 +595,15 @@ certificate is valid for 10 years.
|
||||||
- Default: ``/var/certs``
|
- Default: ``/var/certs``
|
||||||
|
|
||||||
|
|
||||||
|
mailserver.certificateDomains
|
||||||
|
-----------------------------
|
||||||
|
|
||||||
|
Secondary domains and subdomains for which it is necessary to generate a certificate.
|
||||||
|
|
||||||
|
- Type: ``list of strings``
|
||||||
|
- Default: ``[]``
|
||||||
|
|
||||||
|
|
||||||
mailserver.certificateFile
|
mailserver.certificateFile
|
||||||
--------------------------
|
--------------------------
|
||||||
|
|
||||||
|
|
|
@ -29,6 +29,7 @@ in
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts."${cfg.fqdn}" = {
|
virtualHosts."${cfg.fqdn}" = {
|
||||||
serverName = cfg.fqdn;
|
serverName = cfg.fqdn;
|
||||||
|
serverAliases = cfg.certificateDomains;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
acmeRoot = acmeRoot;
|
acmeRoot = acmeRoot;
|
||||||
|
|
Loading…
Reference in a new issue