diff options
author | Jörg Thalheim <Mic92@users.noreply.github.com> | 2018-04-09 09:02:51 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-04-09 09:02:51 +0100 |
commit | 41ec2c222384d05de48a7822dc68ecbb1d858755 (patch) | |
tree | 6bb423d5be111389bffddaf4a14479f37e7f6f54 /nixos/modules/services/web-servers | |
parent | c757928697d4dd1b2275a5eea91a72188cbd191b (diff) | |
parent | 8614e22297056da56f50cc059e41da64c4b158c1 (diff) | |
download | nixlib-41ec2c222384d05de48a7822dc68ecbb1d858755.tar nixlib-41ec2c222384d05de48a7822dc68ecbb1d858755.tar.gz nixlib-41ec2c222384d05de48a7822dc68ecbb1d858755.tar.bz2 nixlib-41ec2c222384d05de48a7822dc68ecbb1d858755.tar.lz nixlib-41ec2c222384d05de48a7822dc68ecbb1d858755.tar.xz nixlib-41ec2c222384d05de48a7822dc68ecbb1d858755.tar.zst nixlib-41ec2c222384d05de48a7822dc68ecbb1d858755.zip |
Merge pull request #38362 from orbekk/acme-path
fix: nixos/nginx certificate location
Diffstat (limited to 'nixos/modules/services/web-servers')
-rw-r--r-- | nixos/modules/services/web-servers/nginx/default.nix | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index dee877f1c114..938a8a1fe334 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -9,15 +9,16 @@ let serverName = if vhostConfig.serverName != null then vhostConfig.serverName else vhostName; + acmeDirectory = config.security.acme.directory; in vhostConfig // { inherit serverName; } // (optionalAttrs vhostConfig.enableACME { - sslCertificate = "/var/lib/acme/${serverName}/fullchain.pem"; - sslCertificateKey = "/var/lib/acme/${serverName}/key.pem"; + sslCertificate = "${acmeDirectory}/${serverName}/fullchain.pem"; + sslCertificateKey = "${acmeDirectory}/${serverName}/key.pem"; }) // (optionalAttrs (vhostConfig.useACMEHost != null) { - sslCertificate = "/var/lib/acme/${vhostConfig.useACMEHost}/fullchain.pem"; - sslCertificateKey = "/var/lib/acme/${vhostConfig.useACMEHost}/key.pem"; + sslCertificate = "${acmeDirectory}/${vhostConfig.useACMEHost}/fullchain.pem"; + sslCertificateKey = "${acmeDirectory}/${vhostConfig.useACMEHost}/key.pem"; }) ) cfg.virtualHosts; enableIPv6 = config.networking.enableIPv6; |