diff --git a/nodes/draco.kosmos.org.json b/nodes/draco.kosmos.org.json
index fba9fb1..663ab5d 100644
--- a/nodes/draco.kosmos.org.json
+++ b/nodes/draco.kosmos.org.json
@@ -41,6 +41,7 @@
 "kosmos-akkounts::nginx",
 "kosmos_discourse::nginx",
 "kosmos_drone::nginx",
+ "kosmos_gitea::nginx",
 "kosmos_rsk::nginx_testnet",
 "kosmos_rsk::nginx_mainnet",
 "kosmos_website",
diff --git a/nodes/fornax.kosmos.org.json b/nodes/fornax.kosmos.org.json
index f648554..5d6222f 100644
--- a/nodes/fornax.kosmos.org.json
+++ b/nodes/fornax.kosmos.org.json
@@ -102,6 +102,7 @@
 "role[base]",
 "role[kvm_host]",
 "role[nginx_proxy]",
+ "kosmos_gitea::nginx_ssh",
 "role[zerotier_controller]"
 ]
 }
diff --git a/site-cookbooks/kosmos_gitea/metadata.rb b/site-cookbooks/kosmos_gitea/metadata.rb
index 95cd94a..f842b03 100644
--- a/site-cookbooks/kosmos_gitea/metadata.rb
+++ b/site-cookbooks/kosmos_gitea/metadata.rb
@@ -2,25 +2,13 @@ name 'kosmos_gitea'
 maintainer 'Kosmos Developers'
 maintainer_email 'ops@kosmos.org'
 license 'MIT'
-description 'Installs/Configures kosmos_gitea'
-long_description 'Installs/Configures kosmos_gitea'
-version '0.1.0'
+description 'Installs/configures Gitea'
+long_description 'Installs/configures Gitea'
+version '0.2.0'
 chef_version '>= 14.0'
 
-# The `issues_url` points to the location where issues for this cookbook are
-# tracked. A `View Issues` link will be displayed on this cookbook's page when
-# uploaded to a Supermarket.
-#
-# issues_url 'https://github.com//kosmos_gitea/issues'
-
-# The `source_url` points to the development repository for this cookbook. A
-# `View Source` link will be displayed on this cookbook's page when uploaded to
-# a Supermarket.
-#
-# source_url 'https://github.com//kosmos_gitea'
-
 depends "firewall"
-depends "kosmos-nginx"
+depends "kosmos_openresty"
 depends "kosmos_postgresql"
 depends "backup"
 depends "kosmos-dirsrv"
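Review bot: In metadata.rb the `depends "kosmos-nginx"` line is replaced by `depends "kosmos_openresty"`, but the new recipes/nginx_ssh.rb added by this commit still reads `node['nginx']['dir']`, notifies `service[nginx]` and calls `nginx_stream`. Those presumably come from kosmos-nginx, which the old recipe loaded with `include_recipe "kosmos-nginx"`; with neither the dependency nor the include left, the ssh stream recipe only converges if something else in the node's run list (perhaps `role[nginx_proxy]` on fornax) loads that cookbook first. I would keep `depends "kosmos-nginx"` next to `depends "kosmos_openresty"` until the stream proxy is ported as well.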
diff --git a/site-cookbooks/kosmos_gitea/recipes/nginx.rb b/site-cookbooks/kosmos_gitea/recipes/nginx.rb
index 1af4c5a..243e9f9 100644
--- a/site-cookbooks/kosmos_gitea/recipes/nginx.rb
+++ b/site-cookbooks/kosmos_gitea/recipes/nginx.rb
@@ -3,14 +3,8 @@
 # Recipe:: nginx
 #
 
-include_recipe "kosmos-nginx"
-
 domain = node["gitea"]["domain"]
 
-# upstream_ip_addresses = []
-# search(:node, "role:gitea").each do |n|
-# upstream_ip_addresses << n["knife_zero"]["host"]
-# end
 begin
 upstream_ip_address = search(:node, "role:gitea").first["knife_zero"]["host"]
 rescue
@@ -18,35 +12,16 @@ rescue
 return
 end
 
-nginx_certbot_site domain
+tls_cert_for domain do
+ auth "gandi_dns"
+ action :create
+end
 
-template "#{node['nginx']['dir']}/sites-available/#{domain}" do
- source "nginx_conf_web.erb"
- owner 'www-data'
- mode 0640
+openresty_site domain do
+ template "nginx_conf_web.erb"
 variables server_name: domain,
 ssl_cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem",
 ssl_key: "/etc/letsencrypt/live/#{domain}/privkey.pem",
 upstream_host: upstream_ip_address,
 upstream_port: node["gitea"]["port"]
-
- notifies :reload, 'service[nginx]', :delayed
-end
-
-nginx_site domain do
- action :enable
-end
-
-template "#{node['nginx']['dir']}/streams-available/ssh" do
- source "nginx_conf_ssh.erb"
- owner 'www-data'
- mode 0640
- variables domain: domain,
- upstream_host: upstream_ip_address
-
- notifies :reload, 'service[nginx]', :delayed
-end
-
-nginx_stream "ssh" do
- action :enable
 end
diff --git a/site-cookbooks/kosmos_gitea/recipes/nginx_ssh.rb b/site-cookbooks/kosmos_gitea/recipes/nginx_ssh.rb
new file mode 100644
index 0000000..16f8e7a
--- /dev/null
+++ b/site-cookbooks/kosmos_gitea/recipes/nginx_ssh.rb
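Review bot: The `openresty_site` block in the second hunk of recipes/nginx.rb still passes hard-coded `/etc/letsencrypt/live/#{domain}/...` paths, while the certificate now comes from `tls_cert_for` with `auth "gandi_dns"` and the template change in this commit drops its `File.exist?` fallback to port 80. If `tls_cert_for` stores the certificate elsewhere, or issuance fails on the first run, the rendered server block would point at missing files and a reload of the shared proxy could fail; this is inferred, since neither resource's implementation is visible here. A comment above the block would record the assumption, e.g. `# tls_cert_for must leave fullchain.pem/privkey.pem under /etc/letsencrypt/live/<domain>; the template has no HTTP fallback`. The removed `owner 'www-data'` and `mode 0640` also mean the vhost file's permissions now depend on the defaults of `openresty_site`, which is worth confirming.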
@@ -0,0 +1,18 @@
+#
+# Cookbook:: kosmos_gitea
+# Recipe:: nginx_ssh
+#
+
+template "#{node['nginx']['dir']}/streams-available/ssh" do
+ source "nginx_conf_ssh.erb"
+ owner 'www-data'
+ mode 0640
+ variables domain: domain,
+ upstream_host: upstream_ip_address
+
+ notifies :reload, 'service[nginx]', :delayed
+end
+
+nginx_stream "ssh" do
+ action :enable
+end
diff --git a/site-cookbooks/kosmos_gitea/templates/default/nginx_conf_web.erb b/site-cookbooks/kosmos_gitea/templates/default/nginx_conf_web.erb
index f8b6b22..5d7712b 100644
--- a/site-cookbooks/kosmos_gitea/templates/default/nginx_conf_web.erb
+++ b/site-cookbooks/kosmos_gitea/templates/default/nginx_conf_web.erb
@@ -4,23 +4,14 @@ upstream _gitea_web {
 }
 
 server {
-<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
 server_name <%= @server_name %>;
+ listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>443 ssl http2;
+ listen [::]:443 ssl http2;
 ssl_certificate <%= @ssl_cert %>;
 ssl_certificate_key <%= @ssl_key %>;
 add_header Strict-Transport-Security "max-age=31536000";
-<% else -%>
- listen 80;
- server_name <%= @server_name %>;
-
- location /.well-known {
- root "/var/www/<%= @server_name %>";
- }
-<% end -%>
 client_max_body_size 20M;
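Review bot: In the new recipes/nginx_ssh.rb the template's `variables domain: domain, upstream_host: upstream_ip_address` refers to two names this recipe never defines. They were local variables of recipes/nginx.rb, and one recipe's locals are not visible in another, so the run on fornax (whose run list gains only `kosmos_gitea::nginx_ssh`) would most likely stop with an undefined-name error at compile time. The recipe should look both values up itself and skip the stream config when no gitea node is found, rather than render a proxy with an empty upstream. The lookup below also avoids the bare `rescue` that nginx.rb uses, so an unrelated search failure is not silently swallowed.

```ruby
domain = node["gitea"]["domain"]

gitea_node = search(:node, "role:gitea").first
if gitea_node.nil?
  Chef::Log.warn("No node found with role 'gitea'; skipping the SSH stream proxy")
  return
end
upstream_ip_address = gitea_node["knife_zero"]["host"]

# … unchanged: template "…/streams-available/ssh" and nginx_stream "ssh" …
```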