dotfiles/modules/nixos/services/projectSite/default.nix

{ flake, config, ... }:
let
  inherit (flake.config.services.instances)
    projectSite
    ;
  service = projectSite;
  host = flake.inputs.linkpage.secrets.domains.projectsite;
in
{
  services = {
    caddy = {
      virtualHosts = {
        "${host}" = {
          extraConfig = ''
            root * ${service.paths.path0}

            file_server

            encode gzip

            try_files {path} /index.html

            tls ${service.ssl.cert}/${host}/fullchain.pem ${service.ssl.key}/${host}/key.pem
          '';
        };
      };
    };
  };

  systemd.tmpfiles.rules = [
    "Z ${service.paths.path0} 755 caddy caddy -"
  ];
}