🔧 [pi4] Update Forgejo deprecated setting

hosts/pi4/forgejo.nix

@@ -2,6 +2,7 @@
   config,
   pkgs,
   lib,
+  systemConfig,
   common,
   ...
 }:
@@ -26,6 +27,9 @@ in
       database.type = "postgres";
       # Enable support for Git Large File Storage
       lfs.enable = true;
+
+      secrets.mailer.PASSWD = config.sops.secrets."mailserver/password-hash".path;
+
       settings = {
         server = {
           DOMAIN = domain;
@@ -48,10 +52,9 @@ in
           PROTOCOL = "smtps";
           SMTP_ADDR = config.mailserver.fqdn;
           FROM = "noreply-forgejo@${common.domain}";
-          USER = "noreply@${common.domain}";
+          USER = "${systemConfig.username}@${common.domain}";
         };
       };
-      #mailerPasswordFile = config.sops.secrets."forgejo/mailer-password".path;
     };
     gitea-actions-runner = {
       package = pkgs.forgejo-actions-runner;

hosts/pi4/nginx.nix

@@ -51,7 +51,20 @@ in
       # Headscale
       "vpn.${domain}" = proxyLocations {
         "/web".proxyPass = "${homelab}:8084";
-        "/".proxyPass = "${homelab}:8082";
+        "/" = {
+          proxyPass = "${homelab}:8082";
+          extraConfig = ''
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection $connection_upgrade;
+            proxy_redirect http:// https://;
+            proxy_buffering off;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
+          '';
+        };
       };
       # Headscale SmartDNS
       "dns.${domain}" = homelabProxy 8082;