{ config, lib, pkgs, ... }: let port = 8888; services = { "media" = ; "scan" = ; "torrent" = ; }; in { options.sbruder.media-proxy.enable = lib.mkEnableOption "media proxy"; config.services.nginx = lib.mkIf config.sbruder.media-proxy.enable { enable = true; secrets = builtins.attrValues services; virtualHosts.media-proxy = { serverName = "localhost"; listen = [ { inherit port; addr = "127.0.0.1"; } { inherit port; addr = "[::1]"; } ]; locations = { "/".extraConfig = '' rewrite ^/__assets/(.*)$ /media/__assets/$1; ''; } // lib.mapAttrs' (name: secret: { name = "/${name}/"; value = { proxyPass = "https://${name}.sbruder.de/"; proxyWebsockets = true; extraConfig = '' proxy_buffering off; include /run/nginx/secrets/${lib.last (lib.splitString "/" (toString secret))}; charset utf-8; ''; }; }) services; }; }; }