From 9005940db83cde430ed739fe893a3be0f7fb4446 Mon Sep 17 00:00:00 2001 From: Kopatz <7265381+Kropatz@users.noreply.github.com> Date: Tue, 9 Jul 2024 14:56:12 +0200 Subject: [PATCH] try to get adguard login working --- modules/services/adguard.nix | 6 +++--- modules/services/grafana.nix | 2 +- modules/services/invidious.nix | 2 +- modules/services/kavita.nix | 2 +- modules/services/nextcloud.nix | 2 +- modules/services/step-ca.nix | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/modules/services/adguard.nix b/modules/services/adguard.nix index f50a8ae..1d2e27c 100644 --- a/modules/services/adguard.nix +++ b/modules/services/adguard.nix @@ -27,7 +27,7 @@ in { networking.firewall.allowedUDPPorts = [ 53 ]; security.acme.certs."${cfg.fqdn}".server = - "https://127.0.0.1:8443/acme/acme/directory"; + "https://127.0.0.1:8443/acme/kop-acme/directory"; # nginx reverse proxy services.nginx.virtualHosts.${cfg.fqdn} = { forceSSL = cfg.useHttps; @@ -47,7 +47,7 @@ in { services.adguardhome = { enable = true; settings = { - schema_version = 20; + schema_version = 28; users = [{ name = "admin"; password = @@ -59,6 +59,7 @@ in { protection_enabled = true; filtering_enabled = true; upstream_dns = [ + "https://dns10.quad9.net/dns-query" "https://doh.tiar.app/dns-query" "tls://getdnsapi.net" "https://dns.adguard-dns.com/dns-query" @@ -156,7 +157,6 @@ in { } ]; dhcp = { enabled = false; }; - dhcpv6 = { enabled = false; }; tls = { enabled = false; }; }; }; diff --git a/modules/services/grafana.nix b/modules/services/grafana.nix index 7972c3b..9ef3dac 100644 --- a/modules/services/grafana.nix +++ b/modules/services/grafana.nix @@ -55,7 +55,7 @@ in after = [ "step-ca.service" ]; }; - security.acme.certs."${fqdn}".server = "https://127.0.0.1:8443/acme/acme/directory"; + security.acme.certs."${fqdn}".server = "https://127.0.0.1:8443/acme/kop-acme/directory"; # nginx reverse proxy services.nginx.virtualHosts.${fqdn} = { forceSSL = useHttps; diff --git a/modules/services/invidious.nix b/modules/services/invidious.nix index df3d801..2d47875 100644 --- a/modules/services/invidious.nix +++ b/modules/services/invidious.nix @@ -49,7 +49,7 @@ in nginx.enable = false; }; - security.acme.certs."${fqdn}".server = "https://127.0.0.1:8443/acme/acme/directory"; + security.acme.certs."${fqdn}".server = "https://127.0.0.1:8443/acme/kop-acme/directory"; services.nginx.virtualHosts."${fqdn}" = { forceSSL = useHttps; enableACME = useHttps; diff --git a/modules/services/kavita.nix b/modules/services/kavita.nix index 5ce06eb..7917551 100644 --- a/modules/services/kavita.nix +++ b/modules/services/kavita.nix @@ -94,7 +94,7 @@ in lib.mkIf cfg.enable { # ''; # }; security.acme.certs."${fqdn}" = lib.mkIf useStepCa { - server = "https://127.0.0.1:8443/acme/acme/directory"; + server = "https://127.0.0.1:8443/acme/kop-acme/directory"; }; services.nginx.virtualHosts."${fqdn}" = { forceSSL = useHttps; diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix index 7792879..c2ebf38 100644 --- a/modules/services/nextcloud.nix +++ b/modules/services/nextcloud.nix @@ -6,7 +6,7 @@ let in { imports = [ ./postgres.nix ]; - security.acme.certs."${fqdn}".server = "https://127.0.0.1:8443/acme/acme/directory"; + security.acme.certs."${fqdn}".server = "https://127.0.0.1:8443/acme/kop-acme/directory"; services.nginx = { enable = true; diff --git a/modules/services/step-ca.nix b/modules/services/step-ca.nix index 9a05589..3500c2d 100644 --- a/modules/services/step-ca.nix +++ b/modules/services/step-ca.nix @@ -72,7 +72,7 @@ in provisioners = [ { type = "ACME"; - name = "acme"; + name = "kop-acme"; forceCN = true; } ];