diff --git a/hosts/tanzanite/default.nix b/hosts/tanzanite/default.nix
index 2af54d3..63414e5 100644
--- a/hosts/tanzanite/default.nix
+++ b/hosts/tanzanite/default.nix
@@ -17,6 +17,7 @@ in {
       data-root = "/opt/data";
     };
   };
+
   security.acme = {
     acceptTerms = true;
     defaults.email = "stitchy@stitchy.moe";
@@ -26,9 +27,22 @@ in {
     };
   };
 
+  services.nginx = {
+    enable = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+    virtualHosts = {
+      "stitchy.moe" = {
+        enableACME = true;
+        forceSSL = true;
+        root = "/opt/www/stitchy.moe/public";
+      };
     };
+  };
+
   networking.firewall = {
     allowedTCPPorts = [ 22 80 222 443 ];
+  };
 
   boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
   boot.initrd.kernelModules = [ ];