kinda working.. acme still is throwing fits i think

2024-12-27 00:08:12 -06:00 · 2024-12-27 00:08:12 -06:00 · 90642bdb41
parent d4c6f1752b
commit 90642bdb41
2 changed files with 55 additions and 53 deletions
--- a/modules/mailserver.nix
+++ b/modules/mailserver.nix
@ -7,8 +7,10 @@ in
 with lib;
 {
 #   services.caddy = {
 #     enable = true;
 #     virtualHosts = {
 #       "mail.cochrun.xyz".extraConfig = ''
 # reverse_proxy 8898
 #         tls internal {
 #           key_type rsa2048
 #         } 
@ -21,7 +23,7 @@ with lib;
    fqdn = fqdn;
    domains = [ dn ];
    enableManageSieve = true;
-    mailDirectory = "/home/chris/mailserver/docker-data/mail-data";
+    # mailDirectory = "/home/chris/mailserver/docker-data/mail-data";
    mailboxes = {
      Archive = {
        auto = "subscribe";
@ -46,9 +48,9 @@ with lib;
    };
    useFsLayout = true;
    hierarchySeparator = "/";
-    certificateScheme = "acme-nginx";
+    certificateScheme = "manual";
-    # certificateFile = "/var/lib/acme/${fqdn}/fullchain.pem";
+    certificateFile = "/var/lib/acme/${fqdn}/fullchain.pem";
-    # keyFile = "/var/lib/acme/${fqdn}/key.pem";
+    keyFile = "/var/lib/acme/${fqdn}/key.pem";
    loginAccounts = {
      "chris@cochrun.xyz" = {
        hashedPasswordFile = "/home/chris/mailp";
@ -67,9 +69,9 @@ with lib;
  security.acme = {
    acceptTerms = true;
    defaults.email = "chris@cochrun.xyz";
-    # certs.${fqdn} = {
+    certs.${fqdn} = {
-    #   webroot = "/var/lib/acme/acme-challenge/";
+      webroot = "/var/lib/acme/acme-challenge/";
-    #   # dnsProvider = "namecheap";
+      extraDomainNames = [ "cochrun.xyz" ];
-    # };
+    };
  };
 }
--- a/systems/dalinar/configuration.nix
+++ b/systems/dalinar/configuration.nix
@ -280,21 +280,21 @@
        reverse_proxy localhost:2283
      '';
    };
-    virtualHosts = {
+    # virtualHosts = {
-      "piped.cochrun.xyz".extraConfig = ''
+    #   "piped.cochrun.xyz".extraConfig = ''
-        reverse_proxy http://127.0.0.1:8085
+    #     reverse_proxy http://127.0.0.1:8085
-      '';
+    #   '';
-    };
+    # };
-    virtualHosts = {
+    # virtualHosts = {
-      "pipedapi.cochrun.xyz".extraConfig = ''
+    #   "pipedapi.cochrun.xyz".extraConfig = ''
-        reverse_proxy http://127.0.0.1:8085
+    #     reverse_proxy http://127.0.0.1:8085
-      '';
+    #   '';
-    };
+    # };
-    virtualHosts = {
+    # virtualHosts = {
-      "pipedproxy.cochrun.xyz".extraConfig = ''
+    #   "pipedproxy.cochrun.xyz".extraConfig = ''
-        reverse_proxy http://127.0.0.1:8085
+    #     reverse_proxy http://127.0.0.1:8085
-      '';
+    #   '';
-    };
+    # };
    virtualHosts = {
      "inv.cochrun.xyz".extraConfig = ''
        reverse_proxy http://127.0.0.1:3000
@ -348,26 +348,26 @@
        }
      '';
    };
-    virtualHosts = {
+    # virtualHosts = {
-      "truthmatters.cc".extraConfig = ''
+    #   "truthmatters.cc".extraConfig = ''
-        encode gzip
+    #     encode gzip
-        root * /srv/truthmatters
+    #     root * /srv/truthmatters
-	      file_server        
+	  #     file_server        
-        header {
+    #     header {
-              Access-Control-Allow-Origin *
+    #           Access-Control-Allow-Origin *
-        }
+    #     }
-      '';
+    #   '';
-    };
+    # };
-    virtualHosts = {
+    # virtualHosts = {
-      "new.luctorcrc.org".extraConfig = ''
+    #   "new.luctorcrc.org".extraConfig = ''
-        encode gzip
+    #     encode gzip
-        root * /srv/luctorcrc
+    #     root * /srv/luctorcrc
-	      file_server        
+	  #     file_server        
-        header {
+    #     header {
-              Access-Control-Allow-Origin *
+    #           Access-Control-Allow-Origin *
-        }
+    #     }
-      '';
+    #   '';
-    };
+    # };
    virtualHosts = {
      "nc.cochrun.xyz".extraConfig = ''
        reverse_proxy localhost:8080