From cae85ef2e61c0cab75efe809e201442ba3e2e344 Mon Sep 17 00:00:00 2001
From: blake <me@blakedheld.xyz>
Date: Sun, 12 Oct 2025 21:22:14 -0500
Subject: [PATCH] tls insecure

---
 modules/homelab/services/audiobookshelf/default.nix | 6 +++++-
 modules/homelab/services/caddy/default.nix          | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/modules/homelab/services/audiobookshelf/default.nix b/modules/homelab/services/audiobookshelf/default.nix
index 660e615..1fcc25e 100644
--- a/modules/homelab/services/audiobookshelf/default.nix
+++ b/modules/homelab/services/audiobookshelf/default.nix
@@ -80,9 +80,13 @@ in
       serverAliases = [ "abs.${homelab.public_domain}" ];
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port} {
+        reverse_proxy 127.0.0.1:${toString cfg.port} {
           stream_timeout 24h
           stream_close_delay 5m
+          transport http {
+            tls
+            tls_insecure_skip_verify
+          }
         }
       '';
     };
diff --git a/modules/homelab/services/caddy/default.nix b/modules/homelab/services/caddy/default.nix
index d7080ea..e7f5e37 100644
--- a/modules/homelab/services/caddy/default.nix
+++ b/modules/homelab/services/caddy/default.nix
@@ -46,7 +46,7 @@ in
       dataDir = cfg.data_dir;
       email = "me@blakedheld.xyz";
       globalConfig = ''
-        auto_https ignore_loaded_certs
+#        auto_https ignore_loaded_certs
       '';
       
       virtualHosts."key.${homelab.public_domain}" = {