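# NixOS module: serves a personal static site over HTTPS and publishes the
# Matrix .well-known delegation documents from the same virtual host.
{ config, lib, pkgs, ... }:

let
  cfg = config.web-personal;
in
{
  options.web-personal = {
    domain = lib.mkOption {
      type = lib.types.str;
      example = "example.org";
      description = ''
        Domain of the personal website. Used as the nginx virtual host name
        and as the directory name under /srv/www.
      '';
    };

    matrixApiDomain = lib.mkOption {
      type = lib.types.str;
      example = "matrix.example.org";
      description = ''
        Host name of the Matrix homeserver advertised in the
        /.well-known/matrix documents served from `domain`.
      '';
    };
  };

  config = {
    services = {
      nginx.virtualHosts.${cfg.domain} =
        let
          # Builds the nginx directives that answer a location with a fixed
          # JSON document.
          #
          # The JSON is placed inside a single-quoted nginx string. nginx
          # unescapes \\ and \' while reading its configuration, so both are
          # escaped here to keep the served body identical to the toJSON
          # output. For plain host names this is a no-op.
          #
          # NOTE(review): `return` expands nginx variables, so a `$` in the
          # data would be interpolated rather than sent literally. Both
          # options are unvalidated strings; keep them to plain host names.
          mkWellKnown = data:
            let
              body = lib.replaceStrings [ "\\" "'" ] [ "\\\\" "\\'" ] (builtins.toJSON data);
            in
            ''
              default_type application/json;
              add_header Access-Control-Allow-Origin *;
              return 200 '${body}';
            '';
        in
        {
          # Certificate is obtained through ACME and plain HTTP is redirected.
          enableACME = true;
          forceSSL = true;
          root = "/srv/www/${cfg.domain}";

          # NOTE(review): an add_header inside a location stops nginx from
          # inheriting add_header directives of the enclosing levels, so any
          # response headers configured at http/server level (HSTS, for
          # instance) are not sent on these two locations.

          # Server-to-server discovery: federation traffic for this domain is
          # delegated to matrixApiDomain on port 443.
          locations."= /.well-known/matrix/server".extraConfig = mkWellKnown {
            "m.server" = "${cfg.matrixApiDomain}:443";
          };

          # Client discovery: tells clients which base URL to talk to. The
          # wildcard CORS header lets browser-based clients on any origin
          # read this public document.
          locations."= /.well-known/matrix/client".extraConfig = mkWellKnown {
            "m.homeserver" = {
              base_url = "https://${cfg.matrixApiDomain}";
            };
          };
        };
    };
  };
}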