From 3790698e421e6beebb3f3d82d74d8893c1352457 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 23 Nov 2025 03:01:42 -0600 Subject: [PATCH 1/3] fix: tls certs --- modules/nixos/guests/projectSite/default.nix | 25 ++++++++++++-------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/modules/nixos/guests/projectSite/default.nix b/modules/nixos/guests/projectSite/default.nix index 228a2a1..f234c5e 100755 --- a/modules/nixos/guests/projectSite/default.nix +++ b/modules/nixos/guests/projectSite/default.nix @@ -23,7 +23,7 @@ in networking.firewall.allowedTCPPorts = [ 22 - 8080 + 80 ]; services.openssh = { @@ -44,15 +44,17 @@ in gateway = [ serviceCfg.interface.gate ]; }; }; + }; - services.website = { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - serviceConfig = { - ExecStart = "${pkgs.miniserve}/bin/miniserve /etc/website --index index.html -p 8080"; - Restart = "always"; - }; - }; + services.caddy = { + enable = true; + virtualHosts.":80".extraConfig = '' + root * /etc/website + + file_server + + try_files {path} /index.html + ''; }; microvm = { @@ -66,6 +68,7 @@ in mac = serviceCfg.interface.mac; } ]; + shares = [ { source = "/nix/store"; @@ -81,7 +84,9 @@ in services.caddy = { enable = true; virtualHosts.${host}.extraConfig = '' - reverse_proxy ${serviceCfg.interface.ip}:8080 + reverse_proxy ${serviceCfg.interface.ip}:80 + + tls /var/lib/acme/${host}/fullchain.pem /var/lib/acme/${host}/key.pem ''; }; From ccd625105c7a54f68c4a13572bc1ff9f871c2c32 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 23 Nov 2025 03:01:57 -0600 Subject: [PATCH 2/3] fix: miniserve removed --- modules/nixos/guests/website/default.nix | 51 +++++++++--------------- 1 file changed, 18 insertions(+), 33 deletions(-) diff --git a/modules/nixos/guests/website/default.nix b/modules/nixos/guests/website/default.nix index 40553db..5d15f5a 100755 --- a/modules/nixos/guests/website/default.nix +++ b/modules/nixos/guests/website/default.nix 
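Review bot: The new guest `services.caddy` site at `virtualHosts.":80"` (second hunk) has no comment saying that plain HTTP is intentional. Together with the `80` entry in `networking.firewall.allowedTCPPorts` from the first hunk, it accepts connections from anything that can reach the guest's address, not only the host proxy. I would add above the block `# plain HTTP on purpose: TLS terminates at the host's Caddy, which proxies to this port`, and consider a source-restricted firewall rule for the host's address in place of the blanket port entry. The same block is added to modules/nixos/guests/website/default.nix in patch 2/3, so both points apply there too. The enclosing guest `config = { … }` set starts and ends outside the hunk.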
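Review bot: The added `tls /var/lib/acme/${host}/fullchain.pem /var/lib/acme/${host}/key.pem` line (last hunk) hard-codes the ACME state directory and assumes the Caddy service user can read `key.pem`. Neither a `security.acme.certs.${host}` definition nor a group grant is visible in this hunk, so both may live elsewhere. If `config` is in scope in this module, `${config.security.acme.certs.${host}.directory}/fullchain.pem` keeps the path tied to the certificate definition. Adding `group = config.services.caddy.group;` and `reloadServices = [ "caddy.service" ];` to that certificate would cover key access and pick-up of renewed certificates. Patch 2/3 passes `${serviceCfg.ssl.cert} ${serviceCfg.ssl.key}` to the same directive in the website module, so one convention for both would be easier to audit.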
@@ -16,43 +16,34 @@ in autostart = true; config = { system.stateVersion = "25.05"; - networking.firewall.allowedTCPPorts = [ 22 - 8080 + 80 ]; - services.openssh = { enable = true; settings.PasswordAuthentication = false; }; - environment.etc."website".source = websitePkg; - users.users.root.openssh.authorizedKeys.keys = flake.config.people.users.${user0}.sshKeys; - - systemd = { - network = { - enable = true; - networks."10-enp" = { - matchConfig.Name = "enp0s3"; - addresses = [ - { Address = "${serviceCfg.interface.ip}/24"; } - ]; - gateway = [ serviceCfg.interface.gate ]; - }; - }; - - services.website = { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - serviceConfig = { - ExecStart = "${pkgs.miniserve}/bin/miniserve /etc/website --index index.html -p 8080"; - Restart = "always"; - }; + systemd.network = { + enable = true; + networks."10-enp" = { + matchConfig.Name = "enp0s3"; + addresses = [ + { Address = "${serviceCfg.interface.ip}/24"; } + ]; + gateway = [ serviceCfg.interface.gate ]; }; }; - + services.caddy = { + enable = true; + virtualHosts.":80".extraConfig = '' + root * /etc/website + file_server + try_files {path} /index.html + ''; + }; microvm = { vcpu = 2; mem = 3072; @@ -75,23 +66,17 @@ in }; }; }; - services.caddy = { - enable = true; virtualHosts.${host}.extraConfig = '' - reverse_proxy ${serviceCfg.interface.ip}:8080 - + reverse_proxy ${serviceCfg.interface.ip}:80 tls ${serviceCfg.ssl.cert} ${serviceCfg.ssl.key} ''; }; - security.acme.certs.${host} = { dnsProvider = instances.web.dns.provider0; environmentFile = config.sops.secrets."dns/${instances.web.dns.provider0}".path; }; - systemd.tmpfiles.rules = [ "d ${serviceCfg.mntPaths.path0} 0755 microvm wheel - -" ]; - } From e25a9bffc1c73b07fcfcde135d1356ee12e8b650 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 23 Nov 2025 03:02:08 -0600 Subject: [PATCH 3/3] chore: removed fuckery --- profiles/user0/files/misc/justfile.nix | 2 -- 1 file changed, 2 deletions(-) 
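Review bot: The second hunk appears to drop `enable = true;` from the host-side `services.caddy` block; the 23-to-17 line count in the hunk header only fits that reading. That leaves `virtualHosts.${host}` and its `tls` line dependent on some other module enabling Caddy. As far as these patches show, only the projectSite module in patch 1/3 still sets it, so removing that module would make this vhost disappear without an evaluation error. I would keep `enable = true;` here, or state the dependency in a comment such as `# Caddy is enabled by <other module>`. The commit subject mentions only miniserve, so the removal may be unintentional.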
diff --git a/profiles/user0/files/misc/justfile.nix b/profiles/user0/files/misc/justfile.nix index f19cba5..3a472fa 100755 --- a/profiles/user0/files/misc/justfile.nix +++ b/profiles/user0/files/misc/justfile.nix @@ -63,8 +63,6 @@ in ${remoteRebuild} ${sshCommand} ${microVMSshCommand} - addr: - http get https://mine.defensio.io/api/statistics/addr1q87k2jlckh6ujqx4ymkdd4jrhy6gukdtum0p77pdh5gqcw8ctl65fvaw097l32ta6m8hth3xu9cjfz70y34gs2mdfzlsj465th | get local_with_donate | get dfo_allocation | $in / 1000000 balance: #!/usr/bin/env nu let results = [${balanceHosts}] | each { |h| let val = (^ssh ...($h.ssh | split row " ") 'nu -c "open /var/lib/defenseio-data/MidnightMiner/balances.json | get snapshots | last | get balance"' | into float); print $"($h.name):"; print $val; $val }