tyo0/murmur: use ssl certificate
This commit is contained in:
parent
97f94d43d4
commit
280edb17f7
1 changed files with 17 additions and 0 deletions
|
@ -1,8 +1,25 @@
|
|||
{ config, ... }:
|
||||
let
|
||||
inherit (config.networking) fqdn;
|
||||
in
|
||||
{
|
||||
# `journalctl -u murmur.service | grep Password`
|
||||
services.murmur = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
bandwidth = 256 * 1024; # 256 Kbit/s
|
||||
sslCert = "/run/credentials/murmur.service/cert";
|
||||
sslKey = "/run/credentials/murmur.service/key";
|
||||
};
|
||||
|
||||
systemd.services."murmur".serviceConfig.LoadCredential =
|
||||
let
|
||||
# FIXME: remove somewhat hardcoded path
|
||||
path = "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory";
|
||||
in
|
||||
[
|
||||
"cert:${path}/${fqdn}/${fqdn}.crt"
|
||||
"key:${path}/${fqdn}/${fqdn}.key"
|
||||
];
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue