Added certs

config/server.nix

@@ -92,6 +92,7 @@
   home.username = "fw";
   home.homeDirectory = "/home/fw";
 
+
   home.stateVersion = "23.11"; # Did you read the comment?
 
   systemd.user.startServices = "sd-switch";

maskiner/server/configuration.nix

@@ -11,6 +11,7 @@
 	imports = [
 		./hardware-configuration.nix
 		../../config/users.nix
+		../../moduler/common/nginx.nix
 	];
 
 	networking.hostName = "server";

moduler/common/nginx.nix

@@ -0,0 +1,23 @@
+
+{ pkgs, lib, ... }:
+{
+  security.acme = {
+    acceptTerms = true;
+    email = "fredrik@wastring.com";
+	certs."git.wastring.com" = {
+		dnsProvider = "gandi";
+		# Supplying password files like this will make your credentials world-readable
+		# in the Nix store. This is for demonstration purpose only, do not use this in production.
+		credentialsFile = /home/fw/credentials.sh;
+  };
+    };
+   
+  services.nginx = {
+    enable = true;
+    recommendedGzipSettings = true;
+    recommendedOptimisation = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+virtualHosts."git.wastring.com" = { default = true; enableACME = true; addSSL = true; locations."/".proxyPass = "http://172.17.0.1:3030/"; };
+    };
+}