diff options
| author | Franz Pletz <fpletz@fnordicwalking.de> | 2015-12-06 16:55:09 +0100 |
|---|---|---|
| committer | Franz Pletz <fpletz@fnordicwalking.de> | 2015-12-12 16:06:51 +0100 |
| commit | 612781e8169bf13fde26091f2d6c55ebed6ccb6f (patch) | |
| tree | fcff0d0dee06bac02caa16ce9d371da930165e11 /pkgs/development/python-modules/GitPython/hardcode-git-path.patch | |
| parent | 069b1891d34f2a1a674daf6baad02d73ab8228c6 (diff) | |
simp_le service: letsencrypt cert auto-renewal
This new service invokes `simp_le` for a defined set of certs on a regular
basis with a systemd timer. `simp_le` is smart enough to handle account
registration, domain validation and renewal on its own. The only thing
required is an existing HTTP server that serves the path
`/.well-known/acme-challenge` from the webroot cert parameter.
Example:
services.simp_le.certs."foo.example.com" = {
webroot = "/var/www/challenges";
extraDomains = [ "www.example.com" ];
email = "foo@example.com";
validMin = 2592000;
renewInterval = "weekly";
};
Example Nginx vhost:
services.nginx.appendConfig = ''
http {
server {
server_name _;
listen 80;
listen [::]:80;
location /.well-known/acme-challenge {
root /var/www/challenges;
}
location / {
return 301 https://$host$request_uri;
}
}
}
'';
Diffstat (limited to 'pkgs/development/python-modules/GitPython/hardcode-git-path.patch')
0 files changed, 0 insertions, 0 deletions