diff --git a/proxy/configuration.nix b/proxy/configuration.nix
new file mode 100644
index 0000000..fc0cdac
--- /dev/null
+++ b/proxy/configuration.nix
@@ -0,0 +1,63 @@
+{ pkgs, configs, ... }:
+let
+ Host = "vps1.tail807ea.ts.net";
+in
+{
+ imports = [ ./gandicloud.nix ];
+
+ environment.systemPackages = with pkgs; [
+ neovim curl htop glances neofetch
+ tailscale
+ ];
+
+ # Firewall
+ networking.firewall = {
+ allowedTCPPorts = [ 80 443 ];
+ allowedUDPPorts = [ 80 443 ];
+ };
+
+ # tailscale
+ services.tailscale.enable = true;
+
+ # nginx reverse proxy
+ services.nginx = {
+ enable = true;
+ recommendedGzipSettings = true;
+ recommendedOptimisation = true;
+ recommendedProxySettings = true;
+ recommendedTlsSettings = true;
+
+ virtualHosts = {
+ "cloud.geokkjer.eu" = {
+ default = false;
+ enableACME = true;
+ addSSL = true;
+ locations."/" = {
+ proxyPass = "http://server1.tail807ea.ts.net";
+ };
+ };
+ "audiobooks.geokkjer.eu" = {
+ default = false;
+ enableACME = true;
+ addSSL = true;
+ locations."/" = {
+ proxyPass = "http://server1:8000";
+ proxyWebsockets = true;
+ };
+ };
+ #virtualHosts."geokkjer.eu" = {
+ # default = true;
+ # forceSSL = true;
+ # enableACME = true;
+ # locations."/".proxyPass = "http://127.0.0.1/";
+ #};
+ };
+ };
+ # acme let's encrypt
+ security.acme = {
+ acceptTerms = true;
+ defaults = {
+ email = "geokkjer@gmail.com";
+ };
+ };
+}
diff --git a/proxy/gandicloud.nix b/proxy/gandicloud.nix
new file mode 100644
index 0000000..73e2d73
--- /dev/null
+++ b/proxy/gandicloud.nix
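Review bot: Both active virtual hosts in proxy/configuration.nix ("cloud.geokkjer.eu" and "audiobooks.geokkjer.eu") set `addSSL = true;`, which serves the site over plain HTTP on port 80 as well as HTTPS, so logins and session cookies for the proxied services can travel unencrypted. Replacing it with `forceSSL = true;`, as the commented-out "geokkjer.eu" host already does, still lets the ACME HTTP challenge through and redirects everything else to HTTPS. Separately, `allowedUDPPorts = [ 80 443 ];` opens UDP ports that nothing in this file listens on, since no HTTP/3 listener is configured, so that line can be dropped. The second host proxies to the short name `server1:8000` while the first uses the full tailnet name; writing `"http://server1.tail807ea.ts.net:8000"` would not depend on a DNS search domain being present when nginx resolves the upstream. The `Host` binding in the `let` block and the `configs` argument are unused in this hunk.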
@@ -0,0 +1,45 @@
+# This is the configuration required to run NixOS on GandiCloud.
+{ lib, modulesPath, ... }:
+{
+ imports = [
+ (modulesPath + "/virtualisation/openstack-config.nix")
+ ];
+ config = {
+ boot.initrd.kernelModules = [
+ "xen-blkfront" "xen-tpmfront" "xen-kbdfront" "xen-fbfront"
+ "xen-netfront" "xen-pcifront" "xen-scsifront"
+ ];
+
+ # Show debug kernel message on boot then reduce loglevel once booted
+ boot.consoleLogLevel = 7;
+ boot.kernel.sysctl."kernel.printk" = "4 4 1 7";
+
+ # For "openstack console log show"
+ boot.kernelParams = [ "console=ttyS0" ];
+ systemd.services."serial-getty@ttyS0" = {
+ enable = true;
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig.Restart = "always";
+ };
+
+ # The device exposed by Xen
+ boot.loader.grub.device = lib.mkForce "/dev/xvda";
+
+ # This is to get a prompt via the "openstack console url show" command
+ systemd.services."getty@tty1" = {
+ enable = lib.mkForce true;
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig.Restart = "always";
+ };
+
+ # This is required to get an IPv6 address on our infrastructure
+ networking.tempAddresses = "disabled";
+
+ nix.extraOptions = ''
+ experimental-features = nix-command flakes
+ '';
+
+ system.stateVersion = "23.05";
+ };
+}
+
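Review bot: The `serial-getty@ttyS0` and `getty@tty1` units keep login prompts permanently available on the provider console, but the existing comments only explain how to reach them. A short comment such as `# console login is reachable by anyone with access to the cloud project; local account passwords are the only gate` would state the trust assumption; how accounts are provisioned is not visible in this hunk, so that should be confirmed against the imported openstack module. The `nix.extraOptions` block has no comment, unlike every other setting here, and the structured form `nix.settings.experimental-features = [ "nix-command" "flakes" ];` would be merged and type-checked by the module system instead of being passed through as raw text.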