{ config, pkgs, lib, ... }:

let
  domain = "hexname.com";
in
{
  services.nginx.virtualHosts = {
    "${domain}" = {
      forceSSL = true;
      enableACME = true;
      locations."/api" = {
        proxyPass = "http://127.0.0.1:8080";
        proxyWebsockets = true;
        extraConfig = ''
          proxy_set_header Host $host;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto $scheme;
          # add_header Strict-Transport-Security 'max-age=300; includeSubDomains; preload; always;'
        '';
      };
      locations."/" = {
        root = "/var/www/hexname/build";
        tryFiles = "$uri $uri.html $uri/ /200.html";
      };
    };
    "www.${domain}" = { # Redirect www to root
      forceSSL = true;
      enableACME = true;
      globalRedirect = domain;
    };
  };
}