diff options
author | Kjetil Ørbekk <kj@orbekk.com> | 2018-04-02 20:34:01 -0400 |
---|---|---|
committer | Kjetil Ørbekk <kj@orbekk.com> | 2018-04-02 20:34:01 -0400 |
commit | 8614e22297056da56f50cc059e41da64c4b158c1 (patch) | |
tree | 34daf06a6b421ac56376f876dda7c2eda179f6ad /nixos/modules/services/web-servers | |
parent | ee28e35ba37ab285fc29e4a09f26235ffe4123e2 (diff) | |
download | nixlib-8614e22297056da56f50cc059e41da64c4b158c1.tar nixlib-8614e22297056da56f50cc059e41da64c4b158c1.tar.gz nixlib-8614e22297056da56f50cc059e41da64c4b158c1.tar.bz2 nixlib-8614e22297056da56f50cc059e41da64c4b158c1.tar.lz nixlib-8614e22297056da56f50cc059e41da64c4b158c1.tar.xz nixlib-8614e22297056da56f50cc059e41da64c4b158c1.tar.zst nixlib-8614e22297056da56f50cc059e41da64c4b158c1.zip |
fix: nixos/nginx certificate location
Fix issue when using a cert location other than the default.
Diffstat (limited to 'nixos/modules/services/web-servers')
-rw-r--r-- | nixos/modules/services/web-servers/nginx/default.nix | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index dee877f1c114..938a8a1fe334 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -9,15 +9,16 @@ let serverName = if vhostConfig.serverName != null then vhostConfig.serverName else vhostName; + acmeDirectory = config.security.acme.directory; in vhostConfig // { inherit serverName; } // (optionalAttrs vhostConfig.enableACME { - sslCertificate = "/var/lib/acme/${serverName}/fullchain.pem"; - sslCertificateKey = "/var/lib/acme/${serverName}/key.pem"; + sslCertificate = "${acmeDirectory}/${serverName}/fullchain.pem"; + sslCertificateKey = "${acmeDirectory}/${serverName}/key.pem"; }) // (optionalAttrs (vhostConfig.useACMEHost != null) { - sslCertificate = "/var/lib/acme/${vhostConfig.useACMEHost}/fullchain.pem"; - sslCertificateKey = "/var/lib/acme/${vhostConfig.useACMEHost}/key.pem"; + sslCertificate = "${acmeDirectory}/${vhostConfig.useACMEHost}/fullchain.pem"; + sslCertificateKey = "${acmeDirectory}/${vhostConfig.useACMEHost}/key.pem"; }) ) cfg.virtualHosts; enableIPv6 = config.networking.enableIPv6; |