chore(web-servers): switch to staging letsencrypt

modules/nixos/server/web-servers/default.nix

@@ -14,10 +14,10 @@ in
         acceptTerms = true;
         defaults = {
           inherit (config.system.mainUser) email;
+          #TODO: switch back to production environment
+          server = "https://acme-staging-v02.api.letsencrypt.org/directory";
           dnsProvider = "cloudflare";
-          credentialFiles = {
+          credentialFiles."CLOUDFLARE_DNS_API_TOKEN_FILE" = config.sops.secrets."keys/cloudflare".path;
-            "CLOUDFLARE_DNS_API_TOKEN_FILE" = config.sops.secrets."keys/cloudflare".path;
-          };
         };
       };
     })

modules/nixos/server/web-servers/nginx/default.nix

@@ -52,18 +52,10 @@ in
             extraConfig = lib.mkOption {
               type = attrs;
               default = { };
-              description = "Will be added to locations.\"/\"";
             };
           };
         });
       default = [ ];
-      example = [
-        {
-          source = "chat.bwfiq.com";
-          target = "http://helios:3080";
-          extraConfig = { };
-        }
-      ];
     };
   };
 

systems/x86_64-linux/apollo/default.nix

@@ -32,6 +32,7 @@
       mattermost.url = "mm.bwfiq.com";
     };
     web-servers = {
+      enableSSL = true;
       nginx = {
         enable = true;
         proxies = [