From faa088191c16641f2345311b2f9f4b6597be3719 Mon Sep 17 00:00:00 2001
From: baritone <baritone@mail.spoodythe.one>
Date: Mon, 3 Mar 2025 22:25:44 +0100
Subject: [PATCH] its working

---
 configuration.nix     |  2 +-
 home.nix              |  2 +-
 services/forgejo.nix  | 24 ++++++++++++++++++------
 services/jellyfin.nix |  4 ++--
 4 files changed, 22 insertions(+), 10 deletions(-)

diff --git a/configuration.nix b/configuration.nix
index 47d2640..5752a1a 100755
--- a/configuration.nix
+++ b/configuration.nix
@@ -3,7 +3,7 @@
     ./services/openssh.nix
     ./services/forgejo.nix
     ./services/vaultwarden.nix
-    # ./services/jellyfin.nix
+    ./services/jellyfin.nix
     # ./services/mailserver.nix
     ./services/misc.nix
 
diff --git a/home.nix b/home.nix
index 37a2adf..dbdb74f 100755
--- a/home.nix
+++ b/home.nix
@@ -1,4 +1,4 @@
-{username ? throw "no username provided"}: {pkgs,...}: {
+{username ? throw "no username provided"}: {pkgs, ...}: {
   imports = [];
 
   home.username = username;
diff --git a/services/forgejo.nix b/services/forgejo.nix
index 5970828..d1c80a7 100755
--- a/services/forgejo.nix
+++ b/services/forgejo.nix
@@ -33,13 +33,25 @@ in {
     };
   };
 
-  networking.firewall.allowedTCPPorts = [port];
-  networking.firewall.allowedUDPPorts = [port];
+  networking.firewall.allowedTCPPorts = [80 443];
+  networking.firewall.allowedUDPPorts = [80 443];
 
-  services.caddy = {
+  services.nginx = {
     enable = true;
-    virtualHosts."git.spoodythe.one".extraConfig = ''
-      reverse_proxy * ${host}:${toString port}
-    '';
+    recommendedGzipSettings = true;
+    recommendedOptimisation = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+
+    virtualHosts."git.spoodythe.one" = {
+      addSSL = true;
+      enableACME = true;
+      locations."/" = {
+        proxyPass = "http://${host}:${toString port}";
+      };
+    };
   };
+
+  security.acme.acceptTerms = true;
+  security.acme.defaults.email = "snorre@altschul.dk";
 }
diff --git a/services/jellyfin.nix b/services/jellyfin.nix
index b3ac56b..43dd2a7 100644
--- a/services/jellyfin.nix
+++ b/services/jellyfin.nix
@@ -39,8 +39,8 @@ in {
     recommendedTlsSettings = true;
 
     virtualHosts."media.spoodythe.one" = {
-      # addSSL = true;
-      # enableACME = true;
+      addSSL = true;
+      enableACME = true;
       locations."/" = {
         proxyPass = "http://${host}:${toString port}";
       };