1. 13

  2. 3

    How does the ACME cert integration work here? I can see it in the config there but am not familiar enough with NixOS to understand it. Does it include a Nginx plugin that I am not aware of, is something built into Nginx directly or does it run a script (e.g. acme.sh or certbot) separately?

    I’ve been using a custom docker container that runs certbot --nginx to simplify my own deployment.

    1. 4

      It creates systemd units for getting and renewing the certificates (IIRC a systemd timer for renewal). It’s really nice, I have some NixOS machines running for years and all the ACME stuff is fully automatic.

      1. 3

        The config seen sets up a nginx with a virtual host, using certbot (not sure which ACME-client is used by default but probably certbot) to fetch the certificates.

        NixOS is very nice, especially in cases like this.

        1. 3

          How does the ACME cert integration work here?