{ config, lib, pkgs, modulesPath, ... }:

{ 
  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
    virtualHosts = 
      let
        proxy = port: {
          forceSSL = true;
          useACMEHost = "home.ly-dodo.win";
          locations."/" = {
            proxyPass = "http://127.0.0.1:${toString port}";
            proxyWebsockets = true; # needed if you need to use WebSocket
            extraConfig =
              # required when the target is also TLS server with multiple hosts
              # "proxy_ssl_server_name on;" +
              
              # required when the server wants to use HTTP Authentication
              "proxy_pass_header Authorization;"
              ;
          };

        };  
      in {
#      "open-webui.home.ly-dodo.win" = proxy 8080;
      "adguard.home.ly-dodo.win" = proxy 8082;
#      "plex.home.ly-dodo.win" = proxy 32400;
#      "qbittorrent.home.ly-dodo.win" = proxy 30011;
#      "paperless.home.ly-dodo.win" = proxy 30012;
    };
  };
}