nixos-configs/nixosConfigurations/hyperforge/nginx.nix

{ config, ... }:
let
  srv = config.services.forgejo.settings.server;
in
{
  security.acme = {
    acceptTerms = true;
    defaults.email = "acme@darkest.space";
  };

  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
    recommendedGzipSettings = true;
    recommendedOptimisation = true;

    virtualHosts.${srv.DOMAIN} = {
      enableACME = true;
      forceSSL = true;
      extraConfig = ''
        client_max_body_size 512M;
      '';
      locations."/".proxyPass = "http://127.0.0.1:${toString srv.HTTP_PORT}";
    };
  };

  networking.firewall.allowedTCPPorts = [
    80
    443
  ];
}
hyperforge: add forge 2026-05-27 17:58:24 +02:00			`{ config, ... }:`
			`let`
			`srv = config.services.forgejo.settings.server;`
			`in`
			`{`
			`security.acme = {`
			`acceptTerms = true;`
			`defaults.email = "acme@darkest.space";`
			`};`

			`services.nginx = {`
			`enable = true;`
			`recommendedProxySettings = true;`
			`recommendedTlsSettings = true;`
			`recommendedGzipSettings = true;`
			`recommendedOptimisation = true;`

			`virtualHosts.${srv.DOMAIN} = {`
			`enableACME = true;`
			`forceSSL = true;`
			`extraConfig = ''`
			`client_max_body_size 512M;`
			`'';`
			`locations."/".proxyPass = "http://127.0.0.1:${toString srv.HTTP_PORT}";`
			`};`
			`};`

			`networking.firewall.allowedTCPPorts = [`
			`80`
			`443`
			`];`
			`}`