sprechtl/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: everything perfect now trust me bro

Browse source
This commit is contained in:
s-prechtl 2025-07-14 18:54:16 +02:00
parent 6d8ce8772b
commit 45d9c2bf7d
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
hosts/hitsugibune/matrix.nix
View file

@ -42,10 +42,12 @@ in {
}; };
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];
# Make certificate readable
users.users.nginx.extraGroups = [ "turnserver" ];
services.nginx.virtualHosts.${turn.realm} = { services.nginx.virtualHosts.${turn.realm} = {
addSSL = true; addSSL = true;
enableACME = false; # well do ACME ourselves enableACME = false; # well do ACME ourselves
forceSSL = false; forceSSL = true;
sslCertificate = "${config.security.acme.certs.${turn.realm}.directory}/full.pem"; sslCertificate = "${config.security.acme.certs.${turn.realm}.directory}/full.pem";
sslCertificateKey = "${config.security.acme.certs.${turn.realm}.directory}/key.pem"; sslCertificateKey = "${config.security.acme.certs.${turn.realm}.directory}/key.pem";
locations."/.well-known/acme-challenge/" = { locations."/.well-known/acme-challenge/" = {