diff options
| author | Nguyễn Gia Phong <mcsinyx@disroot.org> | 2022-05-07 02:49:32 +0900 |
|---|---|---|
| committer | Nguyễn Gia Phong <mcsinyx@disroot.org> | 2022-05-07 02:49:32 +0900 |
| commit | c1521fb5a888bc7d72c960c2089abf1ee5643538 (patch) | |
| tree | f221cb148c5d4331955ceb360cce02796b974305 /configuration.nix | |
| parent | 04713bb59f5ddf7daa94555d23a527b31864d71a (diff) | |
| download | nixos-conf-c1521fb5a888bc7d72c960c2089abf1ee5643538.tar.gz | |
Enable a Gemini server
Diffstat (limited to 'configuration.nix')
| -rw-r--r-- | configuration.nix | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/configuration.nix b/configuration.nix index 414af1a..6c446b1 100644 --- a/configuration.nix +++ b/configuration.nix @@ -27,6 +27,7 @@ in { allowedTCPPorts = [ 80 # HTTP 443 # TLS + 1965 # Gemini 2211 # SSH 4001 # IPFS ]; @@ -64,6 +65,16 @@ in { }; }; + molly-brown = let + certDir = config.security.acme.certs.${domain}.directory; + in { + certPath = "${certDir}/cert.pem"; + docBase = "/var/lib/gemini/${domain}"; + enable = true; + hostName = domain; + keyPath = "${certDir}/key.pem"; + }; + nginx = { enable = true; recommendedProxySettings = true; @@ -89,9 +100,14 @@ in { system.stateVersion = "22.05"; - systemd.extraConfig = '' - DefaultTimeoutStartSec=900s - ''; + systemd = { + extraConfig = '' + DefaultTimeoutStartSec=900s + ''; + services.molly-brown.serviceConfig.SupplementaryGroups = [ + config.security.acme.certs.${domain}.group + ]; + }; time.timeZone = "UTC"; |