summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--machines/lapin/default.nix17
1 files changed, 13 insertions, 4 deletions
diff --git a/machines/lapin/default.nix b/machines/lapin/default.nix
index 00d1608..69960c3 100644
--- a/machines/lapin/default.nix
+++ b/machines/lapin/default.nix
@@ -14,6 +14,17 @@
     ../../services/akkoma
   ];
 
+  security.acme.certs."pds.rnrd.eu" = {
+    group = "nginx";
+    domain = "*.pds.rnrd.eu";
+    extraDomainNames = [ "pds.rnrd.eu" ];
+    dnsProvider = "cloudflare";
+    credentialFiles = {
+      # TODO: use age
+      CLOUDFLARE_DNS_API_TOKEN_FILE = "/home/mel/cloudflare-dns-token.pw";
+    };
+  };
+
   services.nginx.virtualHosts = {
     "soc.rnrd.eu" = {
       forceSSL = true;
@@ -35,11 +46,9 @@
     };
 
     "pds.rnrd.eu" = {
-      # NOTE: technically this isn't needed if
-      # we aren't using the PDS as a handle provider?
-      # serverAliases = [ "*.pds.rnrd.eu" ];
+      serverAliases = [ "*.pds.rnrd.eu" ];
       forceSSL = true;
-      enableACME = true;
+      useACMEHost = "pds.rnrd.eu";
 
       locations."/" = {
         proxyWebsockets = true;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-04-25 14:00:37 +0000