{ config, lib, ... }: let cfg = config.vhack.nix-sync; mkNixSyncRepository = { domain, root ? "", url, extraSettings ? {}, }: { name = "${domain}"; value = { path = "/etc/nginx/websites/${domain}/${root}"; uri = "${url}"; inherit extraSettings; }; }; nixSyncRepositories = builtins.listToAttrs (builtins.map mkNixSyncRepository domains); mkVirtHost = { domain, root ? "", url, extraSettings ? {}, }: { name = "${domain}"; value = lib.recursiveUpdate { forceSSL = true; enableACME = true; root = "/etc/nginx/websites/${domain}/${root}"; } extraSettings; }; virtHosts = builtins.listToAttrs (builtins.map mkVirtHost domains); domains = import ./hosts.nix {}; in { imports = [ ./internal_module.nix ]; options.vhack.nix-sync = { enable = lib.mkEnableOption '' a website git ops solution. ''; }; config = lib.mkIf cfg.enable { services.nix-sync = { enable = true; repositories = nixSyncRepositories; }; vhack.nginx.enable = true; services.nginx.virtualHosts = virtHosts; }; }