commit a9d57a2fd39627774911deb7a178b3480a799aa7
parent bbc80c697e8344665c53e36a14c3335998fb97d4
Author: Katja (ctucx) <git@ctu.cx>
Date: Fri, 7 Mar 2025 11:47:57 +0100
parent bbc80c697e8344665c53e36a14c3335998fb97d4
Author: Katja (ctucx) <git@ctu.cx>
Date: Fri, 7 Mar 2025 11:47:57 +0100
useACMEHost: use `config.networking.fqdn`
24 files changed, 31 insertions(+), 31 deletions(-)
diff --git a/configurations/nixos/configure/smarthome/influxdb2.nix b/configurations/nixos/configure/smarthome/influxdb2.nix @@ -26,7 +26,7 @@ services.nginx = { enable = true; virtualHosts."influx.home.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://${toString config.services.influxdb2.settings.http-bind-address}/";
diff --git a/configurations/nixos/configure/smarthome/mqtt-webui/default.nix b/configurations/nixos/configure/smarthome/mqtt-webui/default.nix @@ -10,7 +10,7 @@ in { services.nginx = { enable = true; virtualHosts."smart.home.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true;
diff --git a/configurations/nixos/configure/smarthome/zigbee2mqtt.nix b/configurations/nixos/configure/smarthome/zigbee2mqtt.nix @@ -35,7 +35,7 @@ nginx = { enable = true; virtualHosts."zigbee2mqtt.${config.networking.domain}" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/" = {
diff --git a/configurations/nixos/services/mailserver/default.nix b/configurations/nixos/services/mailserver/default.nix @@ -102,12 +102,12 @@ in { enable = true; virtualHosts = { "${config.networking.fqdn}" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; }; "autoconfig.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; locations."= /mail/config-v1.1.xml".return = "200 '${mailAutoConfig}'"; };
diff --git a/configurations/nixos/services/matrix-synapse.nix b/configurations/nixos/services/matrix-synapse.nix @@ -67,7 +67,7 @@ matrixClientConfig = { "m.homeserver" = { "base_url" = "https://matrix.ctu.cx"; }; "org.matrix.msc3575.proxy" = { "url" = "https://matrix.ctu.cx"; }; }; in { "ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/.well-known/matrix/server".extraConfig = '' @@ -81,7 +81,7 @@ }; "matrix.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations = {
diff --git a/configurations/nixos/services/prometheus-exporters.nix b/configurations/nixos/services/prometheus-exporters.nix @@ -32,7 +32,7 @@ nginx = { enable = true; virtualHosts."${config.networking.fqdn}" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/node-exporter".proxyPass = "http://${toString config.services.prometheus.exporters.node.listenAddress}:${toString config.services.prometheus.exporters.node.port}/metrics";
diff --git a/configurations/nixos/services/restic-server.nix b/configurations/nixos/services/restic-server.nix @@ -23,7 +23,7 @@ nginx = { enable = true; virtualHosts."restic.${config.networking.hostName}.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = lib.mkDefault true; kTLS = lib.mkDefault true; locations."/" = {
diff --git a/configurations/nixos/services/syncthing-nginx.nix b/configurations/nixos/services/syncthing-nginx.nix @@ -19,7 +19,7 @@ nginx = { enable = true; virtualHosts."syncthing.${config.networking.hostName}.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://${toString config.services.syncthing.guiAddress}";
diff --git a/configurations/nixos/websites/audiobooks.home.ctu.cx.nix b/configurations/nixos/websites/audiobooks.home.ctu.cx.nix @@ -12,7 +12,7 @@ services.nginx = { enable = true; virtualHosts."audiobooks.home.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true;
diff --git a/configurations/nixos/websites/bikemap.ctu.cx.nix b/configurations/nixos/websites/bikemap.ctu.cx.nix @@ -84,7 +84,7 @@ in { nginx = { enable = true; virtualHosts."bikemap.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; root = "/var/lib/bikemap/";
diff --git a/configurations/nixos/websites/ctu.cx.nix b/configurations/nixos/websites/ctu.cx.nix @@ -8,7 +8,7 @@ services.nginx = { enable = true; virtualHosts."ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; serverAliases = [ "katja.wtf" ]; kTLS = true;
diff --git a/configurations/nixos/websites/dav.ctu.cx.nix b/configurations/nixos/websites/dav.ctu.cx.nix @@ -37,7 +37,7 @@ nginx = { enable = true; virtualHosts."dav.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://[::1]:5232/";
diff --git a/configurations/nixos/websites/dendrite.ctucx.de.nix b/configurations/nixos/websites/dendrite.ctucx.de.nix @@ -30,7 +30,7 @@ enable = true; virtualHosts = { "dendrite.ctucx.de" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations = {
diff --git a/configurations/nixos/websites/fedi.ctu.cx.nix b/configurations/nixos/websites/fedi.ctu.cx.nix @@ -75,7 +75,7 @@ ''; services.nginx.virtualHosts."ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/.well-known/host-meta".extraConfig = "return 301 https://fedi.ctu.cx$request_uri;"; @@ -84,7 +84,7 @@ }; services.nginx.virtualHosts."fedi.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations = {
diff --git a/configurations/nixos/websites/fedi.home.ctu.cx.nix b/configurations/nixos/websites/fedi.home.ctu.cx.nix @@ -63,7 +63,7 @@ ''; services.nginx.virtualHosts."fedi.home.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations = {
diff --git a/configurations/nixos/websites/git.ctu.cx.nix b/configurations/nixos/websites/git.ctu.cx.nix @@ -171,7 +171,7 @@ in { enable = true; virtualHosts = { "cgit.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations = { @@ -191,7 +191,7 @@ in { }; "git.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; root = "/var/lib/stagit";
diff --git a/configurations/nixos/websites/ip.ctu.cx.nix b/configurations/nixos/websites/ip.ctu.cx.nix @@ -7,7 +7,7 @@ dns.zones."ctu.cx".subdomains."ip6".AAAA = [ config.networking.primaryIP ]; services.nginx.virtualHosts."ip.${config.networking.domain}" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/" = { @@ -51,7 +51,7 @@ }; services.nginx.virtualHosts."ip4.${config.networking.domain}" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/" = { @@ -64,7 +64,7 @@ }; services.nginx.virtualHosts."ip6.${config.networking.domain}" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/" = {
diff --git a/configurations/nixos/websites/music.home.ctu.cx.nix b/configurations/nixos/websites/music.home.ctu.cx.nix @@ -19,7 +19,7 @@ in { services.nginx = { enable = true; virtualHosts."music.home.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; root = "/mnt/music_originals";
diff --git a/configurations/nixos/websites/photos.ctu.cx.nix b/configurations/nixos/websites/photos.ctu.cx.nix @@ -87,7 +87,7 @@ in { services.nginx = { enable = true; virtualHosts."photos.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; root = "/var/lib/ctucx-gallery";
diff --git a/configurations/nixos/websites/prometheus.ctu.cx.nix b/configurations/nixos/websites/prometheus.ctu.cx.nix @@ -68,7 +68,7 @@ nginx = { enable = true; virtualHosts."prometheus.${config.networking.domain}" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://[::1]:${toString config.services.prometheus.port}/";
diff --git a/configurations/nixos/websites/storage.home.ctu.cx/default.nix b/configurations/nixos/websites/storage.home.ctu.cx/default.nix @@ -6,7 +6,7 @@ services.nginx.virtualHosts = { "storage.home.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn"; forceSSL = true; kTLS = true;
diff --git a/configurations/nixos/websites/vault.ctu.cx.nix b/configurations/nixos/websites/vault.ctu.cx.nix @@ -47,7 +47,7 @@ nginx = { enable = true; virtualHosts."vault.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://[::1]:${toString config.services.vaultwarden.config.ROCKET_PORT}/";
diff --git a/configurations/nixos/websites/zuggeschmack.de.nix b/configurations/nixos/websites/zuggeschmack.de.nix @@ -74,7 +74,7 @@ ''; services.nginx.virtualHosts."zuggeschmack.de" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; extraConfig = '' @@ -127,7 +127,7 @@ }; services.nginx.virtualHosts."client.zuggeschmack.de" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; root = pkgs.masto-fe-standalone;
diff --git a/machines/wanderduene/rclone-restic-server.nix b/machines/wanderduene/rclone-restic-server.nix @@ -55,7 +55,7 @@ services.nginx = { enable = true; virtualHosts."restic.${config.networking.hostName}.ctu.cx" = { - useACMEHost = "${config.networking.hostName}.${config.networking.domain}"; + useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/" = {