From 8e1b2bb05e42158de71be66fa32e718cd420f042 Mon Sep 17 00:00:00 2001
From: Gene Liverman <gene@technicalissues.us>
Date: Fri, 5 Apr 2024 09:30:41 -0400
Subject: [PATCH] Working nginx with tls

---
 modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix b/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix
index d1c22cd..d1d4367 100644
--- a/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix
+++ b/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix
@@ -38,10 +38,11 @@ in {
             default = true;
             listen = [
               { port = http_port; addr = "0.0.0.0"; }
-              { port = https_port; addr = "0.0.0.0"; }
+              { port = https_port; addr = "0.0.0.0"; ssl = true; }
             ];
             enableACME = true;
             acmeRoot = null;
+            addSSL = true;
             forceSSL = false;
           };
         };
@@ -54,9 +55,9 @@ in {
           credentialFiles = { "GANDIV5_API_KEY_FILE" = gandi_api; };
           #credentialFiles = { "GANDIV5_PERSONAL_ACCESS_TOKEN_FILE" = gandi_dns_pat; };
           dnsProvider = "gandiv5";
+          # uncomment below for testing
+          #server = "https://acme-staging-v02.api.letsencrypt.org/directory";
         };
-        # uncomment below for testing
-        defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory";
       };
 
       networking = {