feat: added https to website

nix/configuration.nix

@@ -36,9 +36,11 @@
     settings.PasswordAuthentication = false;
   };
 
-  # Enable the volpe service
   services.volpe = {
     enable = true;
-    domain = "69.61.19.180";
+    domain = "blog.jan-leila.com";
+    extraDomains = ["volpe.jan-leila.com"];
+    enableACME = true;
+    acmeEmail = "leyla@jan-leila.com";
   };
-}
+}

nix/module.nix

@@ -13,21 +13,52 @@ in {
     domain = lib.mkOption {
       type = lib.types.str;
       default = "localhost";
-      description = "Domain name for nginx virtual host.";
+      description = "Primary domain name for nginx virtual host.";
+    };
+
+    extraDomains = lib.mkOption {
+      type = lib.types.listOf lib.types.str;
+      default = [];
+      description = "Additional domain names (aliases) for the virtual host.";
+    };
+
+    enableACME = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = "Whether to enable ACME (Let's Encrypt) for SSL certificates.";
+    };
+
+    acmeEmail = lib.mkOption {
+      type = lib.types.str;
+      default = "";
+      description = "Email address for ACME certificate registration.";
     };
   };
 
   config = lib.mkIf cfg.enable {
     services.nginx = {
       enable = true;
+      recommendedTlsSettings = cfg.enableACME;
+      recommendedOptimisation = true;
+      recommendedGzipSettings = true;
+      recommendedProxySettings = true;
+
       virtualHosts.${cfg.domain} = {
         root = "${pkg}";
+        serverAliases = cfg.extraDomains;
+        forceSSL = cfg.enableACME;
+        enableACME = cfg.enableACME;
         locations."/" = {
           tryFiles = "$uri $uri/ /index.html";
         };
       };
     };
 
+    security.acme = lib.mkIf cfg.enableACME {
+      acceptTerms = true;
+      defaults.email = cfg.acmeEmail;
+    };
+
     networking.firewall.allowedTCPPorts = [80 443];
   };
 }