diff --git a/modules/gitea.nix b/modules/gitea.nix
index 56cac6c..9b99bfd 100644
--- a/modules/gitea.nix
+++ b/modules/gitea.nix
@@ -1,6 +1,7 @@
-{ ... }:
+{ lib, ... }:
 let
   domain = "dev.mc-fucker.cool";
+  gitea_port = "3333";
 in
 
 {
@@ -9,6 +10,7 @@ in
     domain = "${domain}";
     rootUrl = "https://${domain}";
     log.level = "Warn";
+    httpPort = (lib.strings.toInt gitea_port);
 
     database = {
       createDatabase = false;
@@ -24,7 +26,6 @@ in
         REGISTER_MANUAL_CONFIRM = true;
       };
       server = {
-        START_SSH_SERVER = true;
         SSH_SERVER_HOST_KEYS = "ssh/gitea.ed25519";
       };
       ui = {
@@ -33,11 +34,25 @@ in
       };
     };
 
-    ssh.clonePort = 2222;
+  };
+
+  services.nginx.virtualHosts."${domain}" = {
+    forceSSL = true;
+    enableACME = true;
+    locations = {
+      "/" = {
+        proxyPass = "http://127.0.0.1:${gitea_port}";
+        extraConfig = ''
+          proxy_set_header Host $host;
+          proxy_set_header X-Real-IP $remote_addr;
+          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+          proxy_set_header X-Forwarded-Proto $scheme;
+        '';
+      };
+
+    };
 
   };
 
-  networking.firewall.allowedTCPPorts = [ 3000 2222 ];
-
 }
 # vim: set et ts=2 sw=2 ai: