Nginx: Difference between revisions
imported>Ledettwy Add entry for serving static files from /nix/store over nginx and having caching work correctly |
imported>Makefu add minimal example |
||
| Line 3: | Line 3: | ||
== Let's Encrypt certificates == | == Let's Encrypt certificates == | ||
The nginx module for NixOS has native support for Let's encrypt certificates; {{nixos:option|services.nginx.+acme}}. The {{manual:nixos|sec=#module-security-acme|chapter=Chapter 20. SSL/TLS Certificates with ACME}} explains it in detail. | The nginx module for NixOS has native support for Let's encrypt certificates; {{nixos:option|services.nginx.+acme}}. The {{manual:nixos|sec=#module-security-acme-nginx|chapter=Chapter 20. SSL/TLS Certificates with ACME}} explains it in detail. | ||
=== Minimal Example === | |||
Assuming that <code>myhost.org</code> resolves to the ip address of your host and port 80 and 443 has been opened. | |||
<syntaxHighlight lang=nix> | |||
services.nginx.enable = true; | |||
services.nginx.virtualHosts."myhost.org" = { | |||
enableSSL = true; | |||
enableACME = true; | |||
root = "/var/www/myhost.org"; | |||
} | |||
</syntaxHighlight> | |||
This will set up nginx to serve files for <code>myhost.org</code>, automatically request an ACME SSL Certificate and will configure systemd timers to renew the certificate if required. | |||
=== Troubleshooting === | === Troubleshooting === | ||