fixes?

system/web-server/default.nix

@@ -11,6 +11,7 @@
     recommendedTlsSettings = true;
 
     virtualHosts = {
+
       "${config.networking.domain}" = {
         onlySSL = true;
         useACMEHost = config.networking.domain;
@@ -21,6 +22,7 @@
           '';
         };
       };
+
       "${config.networking.fqdn}-80" = {
         serverAliases = [
           "*.ktiu.net"
@@ -33,6 +35,7 @@
           return = "301 https://$host$request_uri";
         };
       };
+
       "${config.networking.fqdn}" = {
         onlySSL = true;
         useACMEHost = config.networking.domain;
@@ -40,6 +43,7 @@
           return = "404";
         };
       };
+
     };
 
   };

system/web-server/forgejo.nix

@@ -14,7 +14,7 @@ in
   ];
 
   services.nginx.virtualHosts."${srv.DOMAIN}" = {
-    forceSSL = true;
+    onlySSL = true;
     useACMEHost = config.networking.domain;
     locations."/".proxyPass = "http://localhost:${toString srv.HTTP_PORT}";
     extraConfig = ''

system/web-server/mail/default.nix

@@ -7,4 +7,10 @@
     ./dovecot.nix
     ./roundcube.nix
   ];
+
+  security.acme.certs."${config.networking.domain}".reloadServices = [
+    "nginx"
+    "dovecot2"
+    "postfix"
+  ];
 }