fix: tls certs

modules/nixos/guests/projectSite/default.nix

@@ -23,7 +23,7 @@ in
 
       networking.firewall.allowedTCPPorts = [
         22
-        8080
+        80
       ];
 
       services.openssh = {
@@ -44,15 +44,17 @@ in
             gateway = [ serviceCfg.interface.gate ];
           };
         };
+      };
 
-        services.website = {
+      services.caddy = {
-          wantedBy = [ "multi-user.target" ];
+        enable = true;
-          after = [ "network.target" ];
+        virtualHosts.":80".extraConfig = ''
-          serviceConfig = {
+          root * /etc/website
-            ExecStart = "${pkgs.miniserve}/bin/miniserve /etc/website --index index.html -p 8080";
+
-            Restart = "always";
+          file_server
-          };
+
-        };
+          try_files {path} /index.html
+        '';
       };
 
       microvm = {
@@ -66,6 +68,7 @@ in
             mac = serviceCfg.interface.mac;
           }
         ];
+
         shares = [
           {
             source = "/nix/store";
@@ -81,7 +84,9 @@ in
   services.caddy = {
     enable = true;
     virtualHosts.${host}.extraConfig = ''
-      reverse_proxy ${serviceCfg.interface.ip}:8080
+      reverse_proxy ${serviceCfg.interface.ip}:80
+
+      tls /var/lib/acme/${host}/fullchain.pem /var/lib/acme/${host}/key.pem
     '';
   };