Turns out I need port 80 for acme, whoops

modules/system/services/server/blocky/default.nix

@@ -3,12 +3,11 @@
   services.blocky = {
     settings = {
       upstreams.groups.default = [
-	"2606:4700:4700::1111"
+        "2606:4700:4700::1111"
-	"2606:4700:4700::1001"
+        "2606:4700:4700::1001"
         "1.1.1.1"
-	"1.0.0.1"
+        "1.0.0.1"
       ];
-
       blocking = {
         clientGroupsBlock.default = [
           "pro"
@@ -19,7 +18,6 @@
           "tif" = [ "https://codeberg.org/hagezi/mirror2/raw/branch/main/dns-blocklists/wildcard/tif.txt" ];
         };
       };
-
       caching = {
         prefetching = true;
         minTime = "1m";

modules/system/services/server/forgejo/default.nix

@@ -5,9 +5,10 @@
   config = lib.mkIf config.services.forgejo.enable {
     services.forgejo = {
       package = pkgs.forgejo;
+      lfs.enable = true;
       settings = {
         server = {
-          DOMAIN = "git.nixfox.ca";
+          DOMAIN = "sv.nixfox.ca";
           ROOT_URL = "https://git.nixfox.ca:443";
           HTTP_PORT = 3110;
           SSH_PORT = 2299;

modules/system/services/server/matrix/element/default.nix

@@ -1,8 +1,8 @@
-{ config, lib, ... }:
+{ config, ... }:
 {
   imports = [ ./nginx ];
 
-  nixpkgs.config.element-web.conf = lib.mkIf config.services.matrix-synapse.enable {
+  nixpkgs.config.element-web.conf = {
     default_server_config."m.homeserver" = {
       base_url = "https://matrix.nixfox.ca";
       server_name = "matrix.nixfox.ca";

modules/system/services/server/nginx/default.nix

@@ -16,6 +16,9 @@
       recommendedGzipSettings = true;
       recommendedProxySettings = true;
     };
-    networking.firewall.allowedTCPPorts = [ 443 ];
+    networking.firewall.allowedTCPPorts = [
+      80
+      443
+    ];
   };
 }