Added forgejo, actual, and formatted some stuff

2025-09-23 13:23:13 +02:00 · 2025-09-23 13:23:13 +02:00 · 4e60d4fbc9
commit 4e60d4fbc9
parent a6e1b359ef
13 changed files with 293 additions and 130 deletions
--- a/moduler/kitchenowl.nix
+++ b/moduler/kitchenowl.nix
@ -7,6 +7,34 @@
 let
 in
 {
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = "fredrik@wastring.com";
+    certs."shop.wastring.com" = {
+      dnsProvider = "gandiv5";
+      webroot = null;
+      credentialsFile = config.sops.secrets.gandi_key.path;
+      dnsPropagationCheck = true;
+    };
+  };
+  services.nginx = {
+    enable = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+    virtualHosts."shop.wastring.com" = {
+      enableACME = true;
+      forceSSL = true;
+      locations."/" = {
+        proxyPass = "http://127.0.0.1:8080";
+        proxyWebsockets = true;
+        extraConfig =
+          "proxy_ssl_server_name on;"
+          +
+            # required when the server wants to use HTTP Authentication
+            "proxy_pass_header Authorization;";
+      };
+    };
+  };
  virtualisation.oci-containers = {
    backend = "podman";
 	containers = {