add withWww helper and fix www.pdxdestiny.com cert mismatch

www.pdxdestiny.com had no vhost so nginx fell back to the coldairnetworks.com
cert. Added a withWww helper that generates apex + www redirect pair, and
wired up pdxdestiny.com as the first user.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Philip Peterson 2026-05-28 15:44:30 -08:00
parent 81a97f086e
commit 2624efbde8
2 changed files with 21 additions and 8 deletions

View file

@ -298,7 +298,7 @@ in {
"hyper-quineglobal-com" = { "hyper-quineglobal-com" = {
autoStart = true; autoStart = true;
image = "forge.quinefoundation.com/ironmagma/hyper-quineglobal-com@sha256:9ef23700fee446ca8fc8667cb9c9d8f34788bc97658f2b45c2eb4d61c932d0b5"; image = "forge.quinefoundation.com/ironmagma/hyper-quineglobal-com@sha256:d02a47ac19c84b8bd98c66924fc314ed81be77980b6e4dc18438d00c8d578232";
volumes = []; volumes = [];
environment = {}; environment = {};
ports = ["3013:8081"]; ports = ["3013:8081"];
@ -379,6 +379,7 @@ in {
"acme-selfsigned-forge.quinefoundation.com.service" "acme-selfsigned-forge.quinefoundation.com.service"
"acme-selfsigned-hyper.quineglobal.com.service" "acme-selfsigned-hyper.quineglobal.com.service"
"acme-selfsigned-pdxdestiny.com.service" "acme-selfsigned-pdxdestiny.com.service"
"acme-selfsigned-www.pdxdestiny.com.service"
"acme-selfsigned-philippeterson.com.service" "acme-selfsigned-philippeterson.com.service"
"acme-selfsigned-riverside.coldairnetworks.com.service" "acme-selfsigned-riverside.coldairnetworks.com.service"
"acme-selfsigned-vnc.quinefoundation.com.service" "acme-selfsigned-vnc.quinefoundation.com.service"

View file

@ -13,6 +13,19 @@
cp ${./pdxdestiny/index.html} $out/index.html cp ${./pdxdestiny/index.html} $out/index.html
cp ${pkgs.copyPathToStore ./pdxdestiny/gold.jpg} $out/gold.jpg cp ${pkgs.copyPathToStore ./pdxdestiny/gold.jpg} $out/gold.jpg
''; '';
withWww = domain: config: {
"${domain}" = config;
"www.${domain}" = {
enableACME = true;
addSSL = config.addSSL or true;
forceSSL = config.forceSSL or false;
locations."/" = {
extraConfig = ''
return 301 https://${domain}$request_uri;
'';
};
};
};
in in
{ {
"_default" = { "_default" = {
@ -27,12 +40,6 @@
''; '';
}; };
"pdxdestiny.com" = {
enableACME = true;
forceSSL = false;
addSSL = true;
root = pdxDestinyRoot;
};
"fbksdigital.com" = { "fbksdigital.com" = {
enableACME = true; # Enable Let's Encrypt certificate for HTTPS enableACME = true; # Enable Let's Encrypt certificate for HTTPS
@ -259,7 +266,12 @@
''; '';
}; };
}; };
}; } // (withWww "pdxdestiny.com" {
enableACME = true;
forceSSL = false;
addSSL = true;
root = pdxDestinyRoot;
});
# Optionally configure additional options # Optionally configure additional options
recommendedGzipSettings = true; recommendedGzipSettings = true;