{ config, values, ... }: { services.nginx = { enable = true; enableReload = true; recommendedProxySettings = true; recommendedTlsSettings = true; recommendedGzipSettings = true; recommendedOptimisation = true; defaultListen = [ { addr = "192.168.10.175"; port = "80"; ssl = false; } ]; }; networking.firewall.allowedTCPPorts = [ 80 443 # Internal / Default 43080 43443 # External / Publicly exposed ]; security.acme = { acceptTerms = true; defaults.email = "felix@albrigtsen.it"; }; }