{ pkgs, config, hostName, ... }:
let
  inherit (config) networking;
  inherit (config.services) nginx;
in
{
  imports = [
    ../../nixos/profiles/services/nginx.nix
    nginx/aubergine.nix
  ];
  networking.nftables.ruleset = ''
    table inet filter {
      chain input-lan {
        tcp dport { http } counter accept comment "HTTP"
      }
      chain input-intra {
        tcp dport { http } counter accept comment "HTTP"
      }
    }
  '';
  /*
    fileSystems."/var/lib/nginx" = {
    device = "${hostName}/var/www";
    fsType = "zfs";
    };
  */
  services.nginx = {
    enable = true;
    /*
    package = pkgs.nginx.override {
      modules = with pkgs.nginxModules; [
        fancyindex
      ];
    };
    */
    resolver = {
      addresses = [ "127.0.0.1:53" ];
      valid = "";
    };
    virtualHosts."_" = {
      default = true;
      extraConfig = ''
        # Connection closed without response
        return 444;
      '';
    };
  };
}