From a69a3ab91a5f28784a889c066798e910bda339a8 Mon Sep 17 00:00:00 2001
From: Julien Malka <julien@malka.sh>
Date: Mon, 25 Nov 2024 19:03:22 +0100
Subject: [PATCH] fix(gustave/nginx): listen on ipv6 port 80 for let's encrypt

---
 machines/gustave/pages.nix | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/machines/gustave/pages.nix b/machines/gustave/pages.nix
index 49349f9..60b6804 100644
--- a/machines/gustave/pages.nix
+++ b/machines/gustave/pages.nix
@@ -38,9 +38,7 @@
     settingsFile = config.age.secrets."pages-settings-file".path;
   };
 
-  networking.firewall.allowedTCPPorts = [
-    8447
-  ];
+  networking.firewall.allowedTCPPorts = [ 8447 ];
 
   luj.nginx.enable = true;
   services.nginx = {
@@ -51,18 +49,25 @@
 
     defaultListen = [
       {
-        addr = "127.0.0.1";
+        addr = "0.0.0.0";
         port = 8446;
         ssl = true;
         proxyProtocol = true;
       }
       {
         addr = "0.0.0.0";
+        port = 80;
+        ssl = false;
+      }
+      {
+        addr = "[::]";
+        port = 80;
         ssl = false;
       }
     ];
 
     streamConfig = ''
+
       map $ssl_preread_server_name $sni_upstream {
         hostnames;
         default 0.0.0.0:8010;