From f871f979a1e1e1dc5e41da451db068e814255ed6 Mon Sep 17 00:00:00 2001
From: TheWanderingCrow <contact@wanderingcrow.net>
Date: Sun, 2 Feb 2025 17:25:38 -0500
Subject: [PATCH] ssl for all

---
 modules/users/overseer/acme.nix               | 3 +++
 modules/users/overseer/services/bookstack.nix | 4 ++++
 modules/users/overseer/services/homebox.nix   | 2 ++
 modules/users/overseer/services/homepage.nix  | 2 ++
 4 files changed, 11 insertions(+)

diff --git a/modules/users/overseer/acme.nix b/modules/users/overseer/acme.nix
index eac804d..0a60a33 100644
--- a/modules/users/overseer/acme.nix
+++ b/modules/users/overseer/acme.nix
@@ -37,6 +37,9 @@ lib.mkIf config.user.overseer.enable {
     };
     certs = {
       "bar.wanderingcrow.net" = {};
+      "home.wanderingcrow.net" = {};
+      "homebox.wanderingcrow.net" = {};
+      "bookstack.wanderingcrow.net" = {};
     };
   };
 }
diff --git a/modules/users/overseer/services/bookstack.nix b/modules/users/overseer/services/bookstack.nix
index 7a3d53e..c18fb3c 100644
--- a/modules/users/overseer/services/bookstack.nix
+++ b/modules/users/overseer/services/bookstack.nix
@@ -33,5 +33,9 @@ in
         hostname = "bookstack.wanderingcrow.net";
         database.createLocally = true;
         appKeyFile = config.sops.secrets."bookstack/key".path;
+        nginx = {
+          forceSSL = true;
+          useACMEHost = "bookstack.wanderingcrow.net";
+        };
       };
     }
diff --git a/modules/users/overseer/services/homebox.nix b/modules/users/overseer/services/homebox.nix
index d70064f..b3f7834 100644
--- a/modules/users/overseer/services/homebox.nix
+++ b/modules/users/overseer/services/homebox.nix
@@ -23,6 +23,8 @@ lib.mkIf config.user.overseer.enable {
       recommendedProxySettings = true;
       virtualHosts = {
         "homebox.wanderingcrow.net" = {
+          forceSSL = true;
+          useACMEHost = "homebox.wanderingcrow.net";
           locations."/" = {
             proxyPass = "http://localhost:7745";
             proxyWebsockets = true;
diff --git a/modules/users/overseer/services/homepage.nix b/modules/users/overseer/services/homepage.nix
index e1df9fa..bc99902 100644
--- a/modules/users/overseer/services/homepage.nix
+++ b/modules/users/overseer/services/homepage.nix
@@ -19,6 +19,8 @@ lib.mkIf config.user.overseer.enable {
     recommendedProxySettings = true;
     virtualHosts = {
       "home.wanderingcrow.net" = {
+        forceSSL = true;
+        useACMEHost = "home.wanderingcrow.net";
         locations."/" = {
           extraConfig = ''
             allow 192.168.0.0/16;