The company has invested heavily in infrastructure and will continue to do so in order to serve its customers.
dreyeck.ch is also the name of a wiki farm that was created as a clone of the wiki.ralfbarkow.ch server.
dreyeck.ch wiki.ralfbarkow.ch
was adjusted:
networking.hostName = "dreyeck"; # Define your hostname.
Then we generated a Wildcard Certificate for *.dreyeck.ch based on the documentation in the nixos.org/manual 
and the lego docs .
security.acme = { acceptTerms = true; certs."dreyeck.ch" = { domain = "*.dreyeck.ch"; dnsProvider = "hetzner"; credentialsFile = "[…]/hetzner-api-key.[…]"; }; defaults = { email = "[…]"; }; }; […]
For this purpose, a corresponding zone was set up in the HETZNER DNS Console, the name server entries at the domain name registrar and in the Microsoft 365 admin center were adjusted accordingly and the settings required for the mail connection etc. were transferred to the zone file. (Manual BIND zone file editing)
Finally, the nginx configuration had to be adjusted:
users.users.nginx.extraGroups = [ "acme" ]; services.nginx = { enable = true; recommendedProxySettings = true; recommendedTlsSettings = true; virtualHosts = { "dreyeck.ch" = { forceSSL = true; useACMEHost = "dreyeck.ch"; locations."/" = { proxyPass = "http://127.0.0.1:3000"; proxyWebsockets = true; # needed if you need to use WebSocket }; };