From 4f511e755d93ef80e7ea07a60f5d2d417869632b Mon Sep 17 00:00:00 2001
From: Joonas Rautiola <joonas.rautiola@unikie.com>
Date: Mon, 20 Nov 2023 14:12:24 +0200
Subject: [PATCH] Enable https on new cache

---
 hosts/binarycache/default.nix | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/hosts/binarycache/default.nix b/hosts/binarycache/default.nix
index 30e91730..723940af 100644
--- a/hosts/binarycache/default.nix
+++ b/hosts/binarycache/default.nix
@@ -50,18 +50,16 @@
     nameservers = ["1.1.1.1" "8.8.8.8"];
   };
 
-  # acme gets https certificates when we have dns
-  # security.acme = {
-  #   acceptTerms = true;
-  #   defaults.email = "trash@unikie.com";
-  # };
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = "trash@unikie.com";
+  };
 
   services.nginx = {
     virtualHosts = {
-      # "cache.vedenemo.dev" = {
-      "_" = {
-        # enableACME = true;
-        # forceSSL = true;
+      "cache.vedenemo.dev" = {
+        enableACME = true;
+        forceSSL = true;
         default = true;
         locations."/" = {
           proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";