From 03464d27565efd9b7b8487902daacf29f080c361 Mon Sep 17 00:00:00 2001
From: toufic ar <contact@toufy.me>
Date: Thu, 5 Feb 2026 20:52:49 +0200
Subject: [PATCH] increase snowflake capacity, add tor subdomain

---
 config/http/default.nix       | 5 ++++-
 config/http/tor-snowflake.nix | 9 +++++++++
 config/network.nix            | 2 +-
 3 files changed, 14 insertions(+), 2 deletions(-)
 create mode 100644 config/http/tor-snowflake.nix

diff --git a/config/http/default.nix b/config/http/default.nix
index 5d2a529..79bb783 100644
--- a/config/http/default.nix
+++ b/config/http/default.nix
@@ -1,7 +1,10 @@
 {config, ...}: let
   customDomain = config.customOps.domain.fqdn;
 in {
-  imports = [./captiveportal.nix];
+  imports = [
+    ./captiveportal.nix
+    ./tor-snowflake.nix
+  ];
 
   networking.firewall.allowedTCPPorts = [80 443];
 
diff --git a/config/http/tor-snowflake.nix b/config/http/tor-snowflake.nix
new file mode 100644
index 0000000..dcd129e
--- /dev/null
+++ b/config/http/tor-snowflake.nix
@@ -0,0 +1,9 @@
+{config, ...}: let
+  torDomain = "tor.${config.customOps.domain.fqdn}";
+in {
+  services.nginx.virtualHosts.${torDomain} = {
+    root = "/var/www/${torDomain}";
+    forceSSL = true;
+    enableACME = true;
+  };
+}
diff --git a/config/network.nix b/config/network.nix
index 851de05..46a97d2 100644
--- a/config/network.nix
+++ b/config/network.nix
@@ -64,7 +64,7 @@ in {
 
   services.snowflake-proxy = {
     enable = true;
-    capacity = 10;
+    capacity = 20;
     extraFlags = ["-metrics"];
   };
 }