diff options
author | Franck Cuny <franck@fcuny.net> | 2023-05-07 13:45:04 -0700 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2023-05-08 19:22:28 -0700 |
commit | 5d11f49ecf05048626227dfe6f758360775b300f (patch) | |
tree | ac86934f30f88b8749fcbf930a2660e3326d92c9 /modules/services/navidrome/default.nix | |
parent | module for homelab (diff) | |
download | world-5d11f49ecf05048626227dfe6f758360775b300f.tar.gz |
profile/acme: default DNS provider is gandi
Add the API key for gandi to the secrest, create a profile for acme with my defaults. The profile is loaded by tahoe since that's where our services are running on. Update all the servers in nginx to listen on their wireguard interface.
Diffstat (limited to 'modules/services/navidrome/default.nix')
-rw-r--r-- | modules/services/navidrome/default.nix | 15 |
1 files changed, 6 insertions, 9 deletions
diff --git a/modules/services/navidrome/default.nix b/modules/services/navidrome/default.nix index 1e3b6e7..1c8243a 100644 --- a/modules/services/navidrome/default.nix +++ b/modules/services/navidrome/default.nix @@ -21,20 +21,22 @@ in config = lib.mkIf cfg.enable { services.navidrome = { enable = true; - settings = { MusicFolder = cfg.musicFolder; }; + settings = { + MusicFolder = cfg.musicFolder; + }; }; services.nginx.virtualHosts."${cfg.vhostName}" = { forceSSL = true; - useACMEHost = cfg.vhostName; + useACMEHost = config.homelab.domain; listen = [ { - addr = "100.85.232.66"; + addr = "192.168.6.40"; port = 443; ssl = true; } { - addr = "100.85.232.66"; + addr = "192.168.6.40"; port = 80; ssl = false; } @@ -45,11 +47,6 @@ in }; }; - security.acme.certs."${cfg.vhostName}" = { - dnsProvider = "gcloud"; - credentialsFile = secrets."acme/credentials".path; - }; - my.services.backup = { paths = [ "/var/lib/navidrome" ]; exclude = [ "/var/lib/navidrome/cache/" ]; |