diff --git a/nixos/configs/robi/configuration.nix b/nixos/configs/robi/configuration.nix
index d7cb6e3..8b0a46c 100644
--- a/nixos/configs/robi/configuration.nix
+++ b/nixos/configs/robi/configuration.nix
@@ -23,6 +23,7 @@
 ./tinc.nix
 ./transmission.nix
 ./vaultwarden.nix
+ ./nginx.nix
 #../../system/server
diff --git a/nixos/configs/robi/nginx.nix b/nixos/configs/robi/nginx.nix
new file mode 100644
index 0000000..39a1ae3
--- /dev/null
+++ b/nixos/configs/robi/nginx.nix
@@ -0,0 +1,87 @@
+{ config, lib, pkgs, ... }:
+let
+ # todo create flake for this
+ errorPages = pkgs.fetchFromGitHub {
+ owner = "mrvandalo";
+ repo = "http-errors";
+ rev = "74b8e4c1d9bbba3db6ad858b888e1867318af1f0";
+ sha256 = "0czdzafx4k76q773lyf3vsjm74g1995iz542dhw15kpy5xbivsrg";
+ };
+ error = {
+ extraConfig = ''
+ error_page 400 /errors/400.html;
+ error_page 401 /errors/401.html;
+ error_page 402 /errors/402.html;
+ error_page 403 /errors/403.html;
+ error_page 404 /errors/404.html;
+ error_page 405 /errors/405.html;
+ error_page 406 /errors/406.html;
+ error_page 500 /errors/500.html;
+ error_page 501 /errors/501.html;
+ error_page 502 /errors/502.html;
+ error_page 503 /errors/503.html;
+ error_page 504 /errors/504.html;
+ '';
+ locations."^~ /errors/" = {
+ extraConfig = "internal;";
+ root = "${errorPages}/";
+ };
+ };
+in
+
+{
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
+ networking.firewall.allowedUDPPorts = [ 80 443 ];
+
+ services.nginx = {
+ enable = true;
+ recommendedProxySettings = true;
+ virtualHosts = {
+ "travel.ingolf-wagner.de" = {
+ forceSSL = true;
+ enableACME = true;
+ extraConfig = error.extraConfig;
+ locations = {
+ "/" = {
+ root = "/srv/www/travel";
+ extraConfig = ''
+ if (-d $request_filename) {
+ rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
+ }
+ '';
+ };
+ } // error.locations;
+ };
+ "tech.ingolf-wagner.de" = {
+ forceSSL = true;
+ enableACME = true;
+ extraConfig = error.extraConfig;
+ locations = {
+ "/" = {
+ root = "/srv/www/tech";
+ extraConfig = ''
+ if (-d $request_filename) {
+ rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
+ }
+ '';
+ };
+ } // error.locations;
+ };
+ "terranix.org" = {
+ forceSSL = true;
+ enableACME = true;
+ extraConfig = error.extraConfig;
+ locations = {
+ "/" = {
+ root = "/srv/www/terranix";
+ extraConfig = ''
+ if (-d $request_filename) {
+ rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
+ }
+ '';
+ };
+ } // error.locations;
+ };
+ };
+ };
+}
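Review bot: `networking.firewall.allowedUDPPorts = [ 80 443 ];` opens UDP 80 and 443 although nothing in this file enables HTTP/3 (QUIC), so nginx only listens on TCP and the UDP rule just widens the firewall; I would drop that line and keep `allowedTCPPorts`. In the three `"/"` locations the redirect target is built from `$http_host`, the client-supplied Host header, and from `$request_uri`, which still carries the query string, so the host in the `Location` header is whatever the client sent and the trailing slash lands after the arguments. `rewrite [^/]$ $scheme://$server_name$uri/ permanent;` avoids both (nginx re-appends the arguments itself), and the `if` block may be removable altogether, since nginx normally issues this directory redirect on its own when serving from `root`. Since these hosts now terminate TLS, `recommendedTlsSettings = true;` next to `recommendedProxySettings` is worth adding as well.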