From 55cc5eedd5cebdd6427e13fe6cbf9576d4bafba0 Mon Sep 17 00:00:00 2001
From: Henri Dohmen <henridohmen@posteo.com>
Date: Wed, 16 Jul 2025 10:05:03 +0200
Subject: [PATCH] fixes

---
 desktop/network.nix          |  1 +
 desktop/software/default.nix |  3 +--
 host/roam/firefox-sync.nix   | 11 +++--------
 mod/nginx.nix                |  7 +++++++
 4 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/desktop/network.nix b/desktop/network.nix
index c3b0d5e..1ad6333 100644
--- a/desktop/network.nix
+++ b/desktop/network.nix
@@ -38,6 +38,7 @@ in
             address = var.wg.wireguard-network.${host}.ips;
             privateKeyFile = var.wg.keyFile;
             peers = [ (lib.removeAttrs var.wg.wireguard-network."roam" [ "ips" ]) ];
+            mtu = 1248;
           };
         };
       };
diff --git a/desktop/software/default.nix b/desktop/software/default.nix
index 57cc36c..9113be4 100644
--- a/desktop/software/default.nix
+++ b/desktop/software/default.nix
@@ -51,7 +51,7 @@ in
         enable = true;
         settings = {
           "identity.fxaccounts.enabled" = true;
-          "identity.sync.tokenserver.uri" = "http://fx-sync.lan/1.0/sync/1.5";
+          "identity.sync.tokenserver.uri" = "https://firefox-syncserver.roam.hdohmen.de/1.0/sync/1.5";
           "webgl.disabled" = false;
           "privacy.resistFingerprinting" = false;
           "privacy.clearOnShutdown.history" = false;
@@ -97,7 +97,6 @@ in
         settings = {
           main = {
             "font" = "monospace:size=11";
-            "dpi-aware" = "yes";
           };
         };
       };
diff --git a/host/roam/firefox-sync.nix b/host/roam/firefox-sync.nix
index eee8be3..21e9c32 100644
--- a/host/roam/firefox-sync.nix
+++ b/host/roam/firefox-sync.nix
@@ -19,14 +19,9 @@
     secrets = config.age.secrets.roam-firefox-sync-secret.path;
     singleNode = {
       enable = true;
-      hostname = "fx-sync.lan";
-      enableTLS = false;
-    };
-  };
-  services.nginx.virtualHostsPriv."fx-sync.lan" = {
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:${toString config.services.firefox-syncserver.settings.port}";
-      recommendedProxySettings = true;
+      hostname = "firefox-syncserver.roam.hdohmen.de";
+      enableNginx = true;
+      enableTLS = true;
     };
   };
 }
diff --git a/mod/nginx.nix b/mod/nginx.nix
index 1c0b935..2eae403 100644
--- a/mod/nginx.nix
+++ b/mod/nginx.nix
@@ -23,6 +23,13 @@ with lib;
             addr = var.wg.ips.roam;
             port = 80;
           }
+          /*
+            { TODO: Fix certs
+              addr = var.wg.ips.roam;
+              port = 443;
+              ssl = true;
+            }
+          */
         ];
       }
     ) config.services.nginx.virtualHostsPriv;