{ config, lib, pkgs, ... }: let nginxConfDir = ./nginx/sites-available; in { config = { environment.systemPackages = [ pkgs.nginx ]; environment.etc = { "nginx/nginx.conf".source = ./nginx/nginx.conf; # Available configs "nginx/sites-available/forsen-cock.dedyn.io".source = "${nginxConfDir}/forsen-cock.dedyn.io"; "nginx/sites-available/gitea".source = "${nginxConfDir}/gitea"; "nginx/sites-available/gatus".source = "${nginxConfDir}/gatus"; "nginx/sites-available/vaultwarden".source = "${nginxConfDir}/vaultwarden"; "nginx/sites-available/ntfy".source = "${nginxConfDir}/ntfy"; # Enabled configs — point to same file (no symlink needed) "nginx/sites-enabled/forsen-cock.dedyn.io".source = "${nginxConfDir}/forsen-cock.dedyn.io"; "nginx/sites-enabled/gitea".source = "${nginxConfDir}/gitea"; "nginx/sites-enabled/gatus".source = "${nginxConfDir}/gatus"; "nginx/sites-enabled/vaultwarden".source = "${nginxConfDir}/vaultwarden"; "nginx/sites-enabled/ntfy".source = "${nginxConfDir}/ntfy"; "nginx/mime.types".source = "${pkgs.nginx}/conf/mime.types"; }; # Create necessary directories (without nginx user dependency) systemd.tmpfiles.rules = [ "d /var/log/nginx 0755 root root -" "d /var/lib/nginx 0755 root root -" "d /run/nginx 0755 root root -" "d /var/www/html 0755 root root -" ]; # Simple nginx systemd service systemd.services.nginx = { enable = true; description = "The nginx HTTP and reverse proxy server"; after = [ "network.target" ]; wants = [ "network.target" ]; serviceConfig = { Type = "forking"; PIDFile = "/run/nginx.pid"; ExecStartPre = "${pkgs.nginx}/bin/nginx -t -c /etc/nginx/nginx.conf"; ExecStart = "${pkgs.nginx}/bin/nginx -c /etc/nginx/nginx.conf"; ExecReload = "${pkgs.coreutils}/bin/kill -s HUP $MAINPID"; ExecStop = "${pkgs.coreutils}/bin/kill -s QUIT $MAINPID"; Restart = "on-failure"; RestartSec = 2; TimeoutStartSec = 60; }; wantedBy = [ "multi-user.target" ]; }; }; }