{ config, lib, pkgs, ... }:

with lib;
let
  domains = [ "www.infra4future.de" "hacc.earth" "www.hacc.earth" "muc.hacc.earth" "help.studentsforfuture.info" ];
in {
  hacc.websites = {
    enable = true;
    directory = ../websites;
  };

  services.nginx.virtualHosts =
    listToAttrs (map (host: nameValuePair host {
      useACMEHost = "infra4future.de";
      forceSSL = true;
      locations."/".proxyPass = "http://${config.containers.gitlab.localAddress}:8090";
    }) domains) // {
      "infra4future.de" = {
        enableACME = true;
        forceSSL = true;
        locations."/".proxyPass = "http://${config.containers.gitlab.localAddress}:8090";
      };
      "muc.hacc.earth" = {
        enableACME = true;
        forceSSL = true;
        locations."/".extraConfig = ''
          proxy_pass "http://${config.containers.gitlab.localAddress}:8090/infra4future/muc.hacc.earth/";
          proxy_set_header Host 'hacc.4future.dev';
        '';
      };
      "help.studentsforfuture.info" = {
        enableACME = true;
        forceSSL = true;
        locations."/".extraConfig = ''
          proxy_pass "http://${config.containers.gitlab.localAddress}:8090/pcs-docs/";
          proxy_set_header Host 'studentsforfuture.4future.dev';
        '';
      };
    };

  security.acme.certs."infra4future.de" = {
    extraDomainNames = domains;
  };
}