From 0eb63c5e9b07cdf7f7501d1c9c403b75f55f1e6d Mon Sep 17 00:00:00 2001
From: Zynh Ludwig <zynh0722@gmail.com>
Date: Fri, 27 Dec 2024 21:50:05 -0800
Subject: [PATCH] nginx: force ssl

---
 modules/forgejo.nix | 3 +--
 modules/foundry.nix | 3 +--
 modules/nyazoom.nix | 2 +-
 3 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/modules/forgejo.nix b/modules/forgejo.nix
index 1a3d68c..86a27c7 100644
--- a/modules/forgejo.nix
+++ b/modules/forgejo.nix
@@ -13,8 +13,7 @@ in
     permafrost.nginx.enable = lib.mkDefault true;
     permafrost.nginx.certDomains = lib.mkIf ACMEEnabled [ "git.zynh.me" ];
     services.nginx.virtualHosts."git.zynh.me" = {
-      # TODO: Force ssl
-      # addSSL = true;
+      forceSSL = lib.mkIf ACMEEnabled true;
       serverName = "git.zynh.me";
       useACMEHost = lib.mkIf ACMEEnabled "permafrost";
       locations."/" = {
diff --git a/modules/foundry.nix b/modules/foundry.nix
index 4faf3ad..194342b 100644
--- a/modules/foundry.nix
+++ b/modules/foundry.nix
@@ -16,8 +16,7 @@ in
     {
       # permafrost.nginx.certDomains = lib.mkIf ACMEEnabled [ "scarlet.zynh.me" ];
       services.nginx.virtualHosts."scarlet.zynh.me" = {
-        # TODO: Force ssl
-        # addSSL = true;
+        forceSSL = lib.mkIf ACMEEnabled true;
         serverName = "scarlet.zynh.me";
         useACMEHost = lib.mkIf ACMEEnabled "permafrost";
         locations."/.well-known/acme-challenge" = {
diff --git a/modules/nyazoom.nix b/modules/nyazoom.nix
index 3280f2b..e769ff4 100644
--- a/modules/nyazoom.nix
+++ b/modules/nyazoom.nix
@@ -27,9 +27,9 @@ in
     services.nginx.virtualHosts."nyazoom.zynh.me" = {
       # TODO: Force ssl
       # TODO: Force ssl
-      # addSSL = true;
       serverName = "nyazoom.zynh.me";
       useACMEHost = lib.mkIf ACMEEnabled "permafrost";
+      forceSSL = lib.mkIf ACMEEnabled true;
       locations."/" = {
         proxyPass = "http://localhost:3000";
         extraConfig = /* nginx */ ''