{ domain, ... }:
{ pkgs, lib, config, ... }:
let
  inherit (config) networking;
  inherit (config.security) gnupg;
  inherit (config.services) nginx;
  srv = "www";
  root = "/var/lib/nginx/${domain}";
in
{
systemd.services.nginx.serviceConfig = {
  BindPaths = [
    "/home/julm/work/sourcephile/txt:${root}/${srv}"
  ];
  StateDirectory = [
    "nginx/${domain}/${srv}"
  ];
  LogsDirectory = lib.mkForce [
    "nginx/${domain}/${srv}"
  ];
};
services.nginx = {
  virtualHosts."${srv}.${domain}" = {
    serverAliases = [ domain ];
    forceSSL = true;
    useACMEHost = domain;
    root = "${root}/${srv}";
    extraConfig = ''
      access_log /var/log/nginx/${domain}/${srv}/access.log json buffer=32k;
      error_log  /var/log/nginx/${domain}/${srv}/error.log warn;
    '';
    locations."/".extraConfig = ''
      #autoindex on;
      fancyindex on;
      fancyindex_name_length 255;
      fancyindex_exact_size off;
    '';
    locations."/git".return = "302 https://git.${domain}/$request_uri";
    locations."/versions".return = "302 https://git.${domain}/$request_uri";
    locations."/codes_sources".return = "302 http://git.${domain}";
    locations."/mails".return = "302 https://mails.${domain}/$request_uri";
    locations."/listes".return = "302 https://mails.${domain}/$request_uri";
  };
};
}