diff options
Diffstat (limited to 'sys/atuin.nix')
| -rw-r--r-- | sys/atuin.nix | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sys/atuin.nix b/sys/atuin.nix index 4b19d187b5c8..e8c8647b27e8 100644 --- a/sys/atuin.nix +++ b/sys/atuin.nix @@ -114,6 +114,8 @@ domain: { postRun ? "systemctl reload nginx.service" , webroot ? "/var/lib/acme/acme-challenge" + , group ? "tls" + , allowKeysForGroup ? true , extraDomains ? {} , ... } @ value: @@ -123,11 +125,13 @@ toAttrs (filter (hasSuffix ".${domain}") vhostDomains); in value // { - inherit postRun webroot; + inherit postRun webroot group allowKeysForGroup; extraDomains = extraDomainsFromVhosts // (toAttrs extraDomains); } ) domains; + users.groups.tls.members = [ "nginx" ]; + services.nginx.virtualHosts = let vhosts = { |