add withWww helper and fix www.pdxdestiny.com cert mismatch
www.pdxdestiny.com had no vhost so nginx fell back to the coldairnetworks.com cert. Added a withWww helper that generates apex + www redirect pair, and wired up pdxdestiny.com as the first user. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
81a97f086e
commit
2624efbde8
2 changed files with 21 additions and 8 deletions
|
|
@ -298,7 +298,7 @@ in {
|
||||||
|
|
||||||
"hyper-quineglobal-com" = {
|
"hyper-quineglobal-com" = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
image = "forge.quinefoundation.com/ironmagma/hyper-quineglobal-com@sha256:9ef23700fee446ca8fc8667cb9c9d8f34788bc97658f2b45c2eb4d61c932d0b5";
|
image = "forge.quinefoundation.com/ironmagma/hyper-quineglobal-com@sha256:d02a47ac19c84b8bd98c66924fc314ed81be77980b6e4dc18438d00c8d578232";
|
||||||
volumes = [];
|
volumes = [];
|
||||||
environment = {};
|
environment = {};
|
||||||
ports = ["3013:8081"];
|
ports = ["3013:8081"];
|
||||||
|
|
@ -379,6 +379,7 @@ in {
|
||||||
"acme-selfsigned-forge.quinefoundation.com.service"
|
"acme-selfsigned-forge.quinefoundation.com.service"
|
||||||
"acme-selfsigned-hyper.quineglobal.com.service"
|
"acme-selfsigned-hyper.quineglobal.com.service"
|
||||||
"acme-selfsigned-pdxdestiny.com.service"
|
"acme-selfsigned-pdxdestiny.com.service"
|
||||||
|
"acme-selfsigned-www.pdxdestiny.com.service"
|
||||||
"acme-selfsigned-philippeterson.com.service"
|
"acme-selfsigned-philippeterson.com.service"
|
||||||
"acme-selfsigned-riverside.coldairnetworks.com.service"
|
"acme-selfsigned-riverside.coldairnetworks.com.service"
|
||||||
"acme-selfsigned-vnc.quinefoundation.com.service"
|
"acme-selfsigned-vnc.quinefoundation.com.service"
|
||||||
|
|
|
||||||
|
|
@ -13,6 +13,19 @@
|
||||||
cp ${./pdxdestiny/index.html} $out/index.html
|
cp ${./pdxdestiny/index.html} $out/index.html
|
||||||
cp ${pkgs.copyPathToStore ./pdxdestiny/gold.jpg} $out/gold.jpg
|
cp ${pkgs.copyPathToStore ./pdxdestiny/gold.jpg} $out/gold.jpg
|
||||||
'';
|
'';
|
||||||
|
withWww = domain: config: {
|
||||||
|
"${domain}" = config;
|
||||||
|
"www.${domain}" = {
|
||||||
|
enableACME = true;
|
||||||
|
addSSL = config.addSSL or true;
|
||||||
|
forceSSL = config.forceSSL or false;
|
||||||
|
locations."/" = {
|
||||||
|
extraConfig = ''
|
||||||
|
return 301 https://${domain}$request_uri;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
"_default" = {
|
"_default" = {
|
||||||
|
|
@ -27,12 +40,6 @@
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
"pdxdestiny.com" = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = false;
|
|
||||||
addSSL = true;
|
|
||||||
root = pdxDestinyRoot;
|
|
||||||
};
|
|
||||||
|
|
||||||
"fbksdigital.com" = {
|
"fbksdigital.com" = {
|
||||||
enableACME = true; # Enable Let's Encrypt certificate for HTTPS
|
enableACME = true; # Enable Let's Encrypt certificate for HTTPS
|
||||||
|
|
@ -259,7 +266,12 @@
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
} // (withWww "pdxdestiny.com" {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = false;
|
||||||
|
addSSL = true;
|
||||||
|
root = pdxDestinyRoot;
|
||||||
|
});
|
||||||
|
|
||||||
# Optionally configure additional options
|
# Optionally configure additional options
|
||||||
recommendedGzipSettings = true;
|
recommendedGzipSettings = true;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue