../../hardware/hetzner-cloud/cx21.nix
../../secrets
../../pass
- #../../lemmy
+ ../../lemmy/staging
+ ../../lemmy/dev
../../maint-mode
../../git
];
networking.hostName = "these";
- awful.systems.maint-mode = {
- enable = true;
- virtualHost = "awful.systems";
+ services.nginx = {
+ recommendedProxySettings = true;
+ recommendedTlsSettings = true;
+
+ virtualHosts = {
+ "breaking.awful.systems" = {
+ forceSSL = true;
+ enableACME = true;
+ };
+
+ "making.awful.systems" = {
+ forceSSL = true;
+ enableACME = true;
+ };
+
+ };
};
+
+ security.acme = {
+ acceptTerms = true;
+ defaults.email = "self@awful.systems";
+ };
+
+ networking.firewall.allowedTCPPorts = [ 443 ];
}