diff options
author | Domen Kožar <domen@dev.si> | 2016-11-29 15:55:33 +0100 |
---|---|---|
committer | Domen Kožar <domen@dev.si> | 2016-11-29 15:56:01 +0100 |
commit | 75f131da02c00027b9a8240fb74d117cb0f9d9cf (patch) | |
tree | 4f5fe38662f4360743dd0b6039f770551ccb17fb /nixos/modules/security | |
parent | 69e0740baa7b354ee03e6ad1c6a0d4b685fdf1fa (diff) | |
download | nixpkgs-75f131da02c00027b9a8240fb74d117cb0f9d9cf.tar nixpkgs-75f131da02c00027b9a8240fb74d117cb0f9d9cf.tar.gz nixpkgs-75f131da02c00027b9a8240fb74d117cb0f9d9cf.tar.bz2 nixpkgs-75f131da02c00027b9a8240fb74d117cb0f9d9cf.tar.lz nixpkgs-75f131da02c00027b9a8240fb74d117cb0f9d9cf.tar.xz nixpkgs-75f131da02c00027b9a8240fb74d117cb0f9d9cf.tar.zst nixpkgs-75f131da02c00027b9a8240fb74d117cb0f9d9cf.zip |
acme: ensure nginx challenges directory is writeable
Diffstat (limited to 'nixos/modules/security')
-rw-r--r-- | nixos/modules/security/acme.nix | 1 | ||||
-rw-r--r-- | nixos/modules/security/acme.xml | 2 |
2 files changed, 2 insertions, 1 deletions
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index 12736e57b4a..726e5471141 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -178,6 +178,7 @@ in path = [ pkgs.simp_le ]; preStart = '' mkdir -p '${cfg.directory}' + chown '${data.user}:${data.group}' '${cfg.directory}' if [ ! -d '${cpath}' ]; then mkdir '${cpath}' fi diff --git a/nixos/modules/security/acme.xml b/nixos/modules/security/acme.xml index 226cf0382da..6fddb27e6a3 100644 --- a/nixos/modules/security/acme.xml +++ b/nixos/modules/security/acme.xml @@ -75,7 +75,7 @@ options for the <literal>security.acme</literal> module.</para> <programlisting> security.acme.certs."foo.example.com" = { - webroot = "/var/www/challenges"; + webroot = config.security.acme.directory + "/acme-challenge"; email = "foo@example.com"; user = "nginx"; group = "nginx"; |