From 0e49f4762c87ba2ded17b9a82e875e6a6680f080 Mon Sep 17 00:00:00 2001
From: Lucas Sta Maria <lucas@priime.dev>
Date: Wed, 13 Aug 2025 09:08:07 +0000
Subject: [PATCH] fix(nix): configure nginx/acme for multiple domains

---
 nix/hosts/chaewon/sys.nix | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/nix/hosts/chaewon/sys.nix b/nix/hosts/chaewon/sys.nix
index dd11238..2ce2f1e 100644
--- a/nix/hosts/chaewon/sys.nix
+++ b/nix/hosts/chaewon/sys.nix
@@ -58,6 +58,19 @@
   security.acme = {
     acceptTerms = true;
     defaults.email = "lucas@priime.dev";
+    certs = {
+      "priime.dev" = {
+        webroot = "/var/lib/acme/priime-dev";
+        email = "lucas@priime.dev";
+        group = "nginx";
+        extraDomainNames = [ "www.priime.dev" ];
+      };
+      "files.priime.dev" = {
+        webroot = "/var/lib/acme/files-priime-dev";
+        email = "lucas@priime.dev";
+        group = "nginx";
+      };
+    };
   };
 
   networking.firewall.allowedTCPPorts = [ 80 443 ];
@@ -94,12 +107,15 @@
     virtualHosts = {
       "priime.dev" = {
         forceSSL = true;
-        enableACME = true;
+        useACMEHost = true;
+        serverAliases = [ "www.priime.dev" ];
+        acmeRoot = "/var/lib/acme/priime-dev";
         locations."/".root = "/home/priime/site/build";
       };
       "files.priime.dev" = {
         forceSSL = true;
-        enableACME = true;
+        useACMEHost = true;
+        acmeRoot = "/var/lib/acme/files-priime-dev";
         locations."/" = {
           root = "/var/lib/files.priime.dev";
           extraConfig = ''