nixos/nginx: actually act as a mixin

This doesn't require disabling anything. It only changes the defaults

2 files changed, 29 insertions, 17 deletions

diff --git a/modules/nixos/mixins/nginx.nix b/modules/nixos/mixins/nginx.nix
index 67d0c25..13dd5b5 100644
--- a/modules/nixos/mixins/nginx.nix
+++ b/modules/nixos/mixins/nginx.nix
@@ -1,22 +1,35 @@
 { config, lib, ... }:
-let
-  cfg = config.mixins.nginx;
-in
+
 {
-  options.mixins.nginx = {
-    enable = lib.mkEnableOption "NGINX mixin";
+  options = {
+    services.nginx.virtualHosts = lib.mkOption {
+      type = lib.types.attrsOf (
+        lib.types.submodule {
+          config = {
+            enableACME = lib.mkDefault true;
+            forceSSL = lib.mkDefault true;
+          };
+        }
+      );
+    };
   };
 
-  config = lib.mkIf cfg.enable {
-    services.nginx = {
-      enable = true;
+  config = lib.mkMerge [
+    {
+      services.nginx = {
+        enableReload = true;
 
-      recommendedBrotliSettings = true;
-      recommendedGzipSettings = true;
-      recommendedOptimisation = true;
-      recommendedProxySettings = true;
-      recommendedTlsSettings = true;
-      recommendedZstdSettings = true;
-    };
-  };
+        recommendedBrotliSettings = true;
+        recommendedGzipSettings = true;
+        recommendedOptimisation = true;
+        recommendedProxySettings = true;
+        recommendedTlsSettings = true;
+        recommendedZstdSettings = true;
+      };
+    }
+
+    (lib.mkIf config.services.nginx.enable {
+      security.acme.defaults.reloadServices = [ "nginx.service" ];
+    })
+  ];
 }
diff --git a/modules/nixos/profiles/server.nix b/modules/nixos/profiles/server.nix
index fe369ef..a6a19ca 100644
--- a/modules/nixos/profiles/server.nix
+++ b/modules/nixos/profiles/server.nix
@@ -36,7 +36,6 @@ in
 
         mixins = {
           cloudflared.enable = true;
-          nginx.enable = true;
         };
 
         nix.gc = {