spec(library): add nginx service, add acme

spec/library/nginx.nix

@@ -0,0 +1,37 @@
+{
+  services.nginx = {
+    enable = true;
+
+    # enable all recommended settings
+    recommendedTlsSettings = true;
+    recommendedOptimisation = true;
+    recommendedGzipSettings = true;
+    recommendedProxySettings = true;
+
+    # set a reasonable default
+    clientMaxBodySize = "64m";
+
+    # proxy services running on TrueNAS
+    virtualHosts = {
+      "_" = {
+        addSSL = true;
+        useACMEHost = ".514fpv.io";
+        extraConfig = "return 444;";
+      };
+
+      "home.514fpv.io" = {
+        useACMEHost = ".514fpv.io";
+        addSSL = true;
+        extraConfig = ''
+          proxy_buffering off;
+        '';
+        locations."/" = {
+          proxyPass = "http://192.168.1.250:8123";
+          proxyWebsockets = true;
+        };
+      };
+    };
+  };
+
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+}