william/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nix-config/hosts/alexandria
History
William 73db534269 Switch from wildcard to per-domain SSL certificates 
Updated mkNginxVHosts to use per-domain certificates (enableACME) instead
of shared wildcard certificates (useACMEHost). Each service now requests
its own certificate, avoiding conflicts between hosts and following the
principle of least privilege.

Removed wildcard certificate configuration from both alexandria and trantor.
Each host now only obtains certificates for domains it actually serves:
- Alexandria: pass.baduhai.dev, cloud.baduhai.dev, jellyfin.baduhai.dev
- Trantor: git.baduhai.dev
2025-11-08 21:47:41 -03:00
..
hardware-configuration.nix now using flake-parts; refactored nixosConfigurations; using hm standalone 2025-10-14 19:28:30 -03:00
jellyfin.nix Switch from wildcard to per-domain SSL certificates 2025-11-08 21:47:41 -03:00
nextcloud.nix Switch from wildcard to per-domain SSL certificates 2025-11-08 21:47:41 -03:00
nginx.nix Switch from wildcard to per-domain SSL certificates 2025-11-08 21:47:41 -03:00
unbound.nix Split DNS servers: alexandria for LAN, trantor for tailnet 2025-11-08 21:35:53 -03:00
vaultwarden.nix Switch from wildcard to per-domain SSL certificates 2025-11-08 21:47:41 -03:00