Use one SSL certificate for all subdomains

This commit is contained in:
coolneng 2024-01-13 18:55:16 +01:00
parent 6251adf032
commit 2abdb9e5a7
Signed by: coolneng
GPG Key ID: 9893DA236405AF57
1 changed files with 23 additions and 11 deletions

View File

@ -31,7 +31,7 @@
'';
virtualHosts = {
"coolneng.duckdns.org" = {
enableACME = true;
useACMEHost = "coolneng.duckdns.org";
forceSSL = true;
# Redirect from legacy subdirectory URL to subdomain
locations = {
@ -53,7 +53,7 @@
};
};
"radicale.coolneng.duckdns.org" = {
enableACME = true;
useACMEHost = "coolneng.duckdns.org";
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:5232/";
@ -64,12 +64,12 @@
};
};
"sync.coolneng.duckdns.org" = {
enableACME = true;
useACMEHost = "coolneng.duckdns.org";
forceSSL = true;
locations."/".proxyPass = "http://localhost:8384/";
};
"git.coolneng.duckdns.org" = {
enableACME = true;
useACMEHost = "coolneng.duckdns.org";
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:3000/";
@ -81,12 +81,12 @@
};
};
"rss.coolneng.duckdns.org" = {
enableACME = true;
useACMEHost = "coolneng.duckdns.org";
forceSSL = true;
locations."/".proxyPass = "http://localhost:8080/";
};
"matrix.coolneng.duckdns.org" = {
enableACME = true;
useACMEHost = "coolneng.duckdns.org";
forceSSL = true;
listen = [
{
@ -109,7 +109,7 @@
};
};
"element.coolneng.duckdns.org" = {
enableACME = true;
useACMEHost = "coolneng.duckdns.org";
forceSSL = true;
locations."/".root = pkgs.element-web.override {
conf.default_server_config = {
@ -119,7 +119,7 @@
};
};
"wallabag.coolneng.duckdns.org" = {
enableACME = true;
useACMEHost = "coolneng.duckdns.org";
forceSSL = true;
root = "${pkgs.wallabag}/web";
locations = {
@ -140,7 +140,7 @@
};
};
"books.coolneng.duckdns.org" = {
enableACME = true;
useACMEHost = "coolneng.duckdns.org";
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:9000/";
@ -152,7 +152,7 @@
};
};
"grafana.coolneng.duckdns.org" = {
enableACME = true;
useACMEHost = "coolneng.duckdns.org";
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:9009/";
@ -160,7 +160,7 @@
};
};
"nightscout.coolneng.duckdns.org" = {
enableACME = true;
useACMEHost = "coolneng.duckdns.org";
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:1337";
@ -178,7 +178,19 @@
defaults = {
email = "akasroua@disroot.org";
dnsResolver = "127.0.0.1:53";
group = "nginx";
webroot = "/var/lib/acme/acme-challenge";
};
certs."coolneng.duckdns.org".extraDomainNames = [
"radicale.coolneng.duckdns.org"
"sync.coolneng.duckdns.org"
"git.coolneng.duckdns.org"
"rss.coolneng.duckdns.org"
"matrix.coolneng.duckdns.org"
"element.coolneng.duckdns.org"
"wallabag.coolneng.duckdns.org"
"books.coolneng.duckdns.org"
];
};
# Generate dhparams