From eba0193863b29490d9ed5233b1bb7c04a643f197 Mon Sep 17 00:00:00 2001
From: Gene Liverman <gene@technicalissues.us>
Date: Tue, 28 Jan 2025 22:19:16 -0500
Subject: [PATCH] Actually listen on port 80, redirect to https

---
 modules/hosts/nixos/hetznix01/post-install/nginx.nix | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/modules/hosts/nixos/hetznix01/post-install/nginx.nix b/modules/hosts/nixos/hetznix01/post-install/nginx.nix
index bebfa6c..09e5b6c 100644
--- a/modules/hosts/nixos/hetznix01/post-install/nginx.nix
+++ b/modules/hosts/nixos/hetznix01/post-install/nginx.nix
@@ -1,5 +1,6 @@
 { config, ... }: let 
   domain = "technicalissues.us";
+  http_port = 80;
   https_port = 443;
 in {
 
@@ -19,6 +20,9 @@ in {
       add_header Strict-Transport-Security $hsts_header;
     '';
     defaultListen = [
+      { port = http_port; addr = "0.0.0.0"; }
+      { port = http_port; addr = "[::]"; }
+
       { port = https_port; addr = "0.0.0.0"; ssl = true; }
       { port = https_port; addr = "[::]"; ssl = true; }
     ];
@@ -69,10 +73,6 @@ in {
         };
       };
       "albyhub.${domain}" = {
-        listen = [
-          { port = https_port; addr = "0.0.0.0"; ssl = true; }
-          { port = https_port; addr = "[::]"; ssl = true; }
-        ];
         enableACME = true;
         acmeRoot = null;
         forceSSL = true;
@@ -85,8 +85,12 @@ in {
       };
       "matrix.${domain}" = {
         listen = [
+          { port = http_port; addr = "0.0.0.0"; }
+          { port = http_port; addr = "[::]"; }
+
           { port = https_port; addr = "0.0.0.0"; ssl = true; }
           { port = https_port; addr = "[::]"; ssl = true; }
+
           { port = 8448; addr = "0.0.0.0"; ssl = true; }
           { port = 8448; addr = "[::]"; ssl = true; }
         ];