use enableACME for all virtualHosts

2023-12-19 16:38:46 +04:00
parent 0c4d57c33d
commit 46366702bc
10 changed files with 12 additions and 30 deletions
--- a/sp-modules/pleroma/module.nix
+++ b/sp-modules/pleroma/module.nix
@@ -100,10 +100,9 @@ in
    # seems to be an upstream nixpkgs/nixos bug (missing hexdump)
    systemd.services.pleroma.path = [ pkgs.util-linux ];
    services.nginx.virtualHosts."social.${sp.domain}" = {
-      sslCertificate = "/var/lib/acme/${sp.domain}/fullchain.pem";
-      sslCertificateKey = "/var/lib/acme/${sp.domain}/key.pem";
      root = "/var/www/social.${sp.domain}";
      forceSSL = true;
+      enableACME = true;
      extraConfig = ''
        add_header Strict-Transport-Security $hsts_header;
        #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;