diff options
author | aszlig <aszlig@redmoonstudios.org> | 2017-09-13 23:03:32 +0200 |
---|---|---|
committer | aszlig <aszlig@redmoonstudios.org> | 2017-09-13 23:16:40 +0200 |
commit | bda38317eb3ad36be74ad08013afeaf55fe9066f (patch) | |
tree | cea6ac93a5c5ff03328f1ad07bbeab377c09bbcb | |
parent | 11b3ae74e19a075e8d733af99530fbbe697cf0d5 (diff) |
nixos/tests/letsencrypt: Fix nginx options
The enableSSL option has been deprecated in a912a6a291eaa5f6a2ad9143c9e276779c357a41, so we switch to using onlySSL. I've also explicitly disabled enableACME, because this is the default and we don't actually want to have ACME enabled for a host which runs an actual ACME server. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
-rw-r--r-- | nixos/tests/common/letsencrypt.nix | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/nixos/tests/common/letsencrypt.nix b/nixos/tests/common/letsencrypt.nix index 162f50385d8fc..5a2a266d4da5c 100644 --- a/nixos/tests/common/letsencrypt.nix +++ b/nixos/tests/common/letsencrypt.nix @@ -371,13 +371,15 @@ in { services.nginx.enable = true; services.nginx.recommendedProxySettings = true; services.nginx.virtualHosts.${wfeDomain} = { - enableSSL = true; + onlySSL = true; + enableACME = false; sslCertificate = wfeCertFile; sslCertificateKey = wfeKeyFile; locations."/".proxyPass = "http://127.0.0.1:80"; }; services.nginx.virtualHosts.${siteDomain} = { - enableSSL = true; + onlySSL = true; + enableACME = false; sslCertificate = siteCertFile; sslCertificateKey = siteKeyFile; locations.${tosPath}.extraConfig = "alias ${tosFile};"; |