dev: allow website to use acme to provision own cert
1 file changed, 25 insertions(+), 7 deletions(-)
jump to
M system/settings/dev.nix → system/settings/dev.nix
@@ -1,7 +1,13 @@ { config +, lib , pkgs , ... }: { + networking = lib.mkIf pkgs.stdenv.isLinux { + hosts = { + "127.0.0.80" = [ "alanpearce.test" ]; + }; + }; services.caddy = { enable = true; virtualHosts = {@@ -12,17 +18,29 @@ issuer internal { ca local } } - acme_server + acme_server { + allow { + domains *.test + } + } ''; }; - "alanpearce.localhost" = { + "alanpearce.test" = { + serverAliases = [ "alanpearce.localhost" ]; extraConfig = '' - reverse_proxy h2c://alanpearce.localhost:3000 { - transport http { - dial_timeout 1s - compression off - } + tls { + issuer internal { + ca local } + } + reverse_proxy http://alanpearce.test:3000 { + header_up Host alanpearce.test + transport http { + dial_timeout 1s + compression off + } + } + redir / https://alanpearce.test:8443 302 ''; }; "searchix.localhost" = {