docs: configure ACME HTTP-01 with nginx in setup example

2026-03-05 12:51:20 +01:00
parent c300fdeb63
commit 85967440af
2 changed files with 8 additions and 4 deletions
@@ -16,12 +16,14 @@
  security.acme = {
    acceptTerms = true;
    defaults.email = "security@example.com";
-    certs.${config.mailserver.fqdn} = {
-      # Further setup required, check the manual:
-      # https://nixos.org/manual/nixos/stable/#module-security-acme
-    };
  };

+  # Allow incoming HTTP connections
+  networking.firewall.allowedTCPPorts = [ 80 ];
+
+  # Enable ACME HTTP-01 challenge with nginx
+  services.nginx.virtualHosts.${config.mailserver.fqdn}.enableACME = true;
+
  mailserver = {
    enable = true;
    stateVersion = 3;