[Nix-dev] Testing Nginx public entry points with NixOps/libvirtd

zimbatm zimbatm at zimbatm.com
Wed Dec 21 19:47:26 CET 2016


Hi,

Your VM needs to be reachable from the internet for letsencrypt to work. If
it's only for internal usage the best thing to do is to provision the
machine with certificates that you generate yourself and add a condition
for production. Alternatively keep it plain HTTP and have a tunnel in
production that does TLS termination.

On Wed, 21 Dec 2016, 11:20 Daniel Hlynskyi, <abcz2.uprola at gmail.com> wrote:

> Hello all NixOps users. I'd like to build my production system with
> libvirtd backend, but I'm stopped with a problem. SSL certificates can't be
> obtained in virtualized environment.
>
> {
>    services.nginx.virtualHosts."example.domain" = {
>      enableSSL = true;
>      enableACME = true;
>    };
> }
>
> As far as I understand, letsencrypt tries to verify "example.domain", but
> it points to production system, not to virtualized.
>
> What are my options to fix this issue? In the end I'd like to add virtual
> server to VPN and test public entry points from developer machine.
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20161221/3b6a7a62/attachment.html>


More information about the nix-dev mailing list