{ domain, ... }:
{ pkgs, lib, config, ... }:
let
  inherit (config) networking;
  inherit (config.services) nginx public-inbox;
  srv = "public-inbox";
in
{
services.nginx = {
  virtualHosts."${srv}.${domain}" = {
    serverAliases = [ "mails.${domain}" ];
    forceSSL = true;
    useACMEHost = domain;
    #root = "/home/julm/work/sourcephile/txt";
    extraConfig = ''
      access_log /var/log/nginx/${domain}/${srv}/access.log json buffer=32k;
      error_log  /var/log/nginx/${domain}/${srv}/error.log warn;
    '';
    locations."/".return = "302 /inbox";
    locations."= /inbox".return = "302 /inbox/";
    #locations."/inbox".proxyPass = "http://127.0.0.1:${toString public-inbox.http.port}/inbox";
    locations."/inbox".proxyPass = "http://unix:${public-inbox.http.port}:/inbox";
    locations."= /style/light.css".alias = pkgs.writeText "light.css" ''
      * { background:#fff; color:#000 }

      a { color:#00f; text-decoration:none }
      a:visited { color:#808 }

      *.q { color:#008 }

      *.add { color:#060 }
      *.del {color:#900 }
      *.head { color:#000 }
      *.hunk { color:#960 }

      .hl.num { color:#f30 } /* number */
      .hl.esc { color:#f0f } /* escape character */
      .hl.str { color:#f30 } /* string */
      .hl.ppc { color:#c3c } /* preprocessor */
      .hl.pps { color:#f30 } /* preprocessor string */
      .hl.slc { color:#099 } /* single-line comment */
      .hl.com { color:#099 } /* multi-line comment */
      /* .hl.opt { color:#ccc } */ /* operator */
      /* .hl.ipl { color:#ccc } */ /* interpolation */

      /* keyword groups kw[a-z] */
      .hl.kwa { color:#f90 }
      .hl.kwb { color:#060 }
      .hl.kwc { color:#f90 }
      /* .hl.kwd { color:#ccc } */
    '';
  };
};
systemd.services.nginx.serviceConfig.LogsDirectory = lib.mkForce ["nginx/${domain}/${srv}"];
}