From a75dc9f0d28e466fdecbb8bbcc01c904f39daf61 Mon Sep 17 00:00:00 2001 From: osbm Date: Wed, 5 Nov 2025 13:58:18 +0300 Subject: [PATCH] lets encrypt my ass --- modules/nixos/services/nginx.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/modules/nixos/services/nginx.nix b/modules/nixos/services/nginx.nix index f93d896..1858650 100644 --- a/modules/nixos/services/nginx.nix +++ b/modules/nixos/services/nginx.nix @@ -8,6 +8,15 @@ (lib.mkIf config.osbmModules.services.nginx.enable { services.nginx = { enable = true; + + # Ensure ACME challenge directory is accessible for all domains + commonHttpConfig = '' + # Allow access to ACME challenge directory + location /.well-known/acme-challenge { + root /var/lib/acme/acme-challenge; + allow all; + } + ''; }; networking.firewall.allowedTCPPorts = [