{ config, lib, pkgs, ... }:
{
  services = {
    # The main nginx domain
    nginx.virtualHosts = {
      "nixfox.ca" = {
        enableACME = true;
        addSSL = true;
        root = "/var/www/nixfox-reborn/public";

        locations = {
          "/".extraConfig = ''
            error_page 404 /404.html;
          '';

          "~ \\.php$".extraConfig = ''
            fastcgi_index index.php;
            fastcgi_pass unix:${config.services.phpfpm.pools.nginx.socket};
          '';

          "/.well-known/matrix/client".extraConfig = ''
            default_type application/json;
            return 200 '{
              "m.homeserver": { "base_url": "https://matrix.nixfox.ca" },
              "m.identity_server": { "base_url": "https://matrix.org" }
            }';
          '';

          "/.well-known/matrix/server".extraConfig = ''
            default_type application/json;
            return 200 '{ "m.server": "matrix.nixfox.ca:443" }';
          '';
        };
      };

      "old.nixfox.ca" = {
        enableACME = true;
        addSSL = true;
        root = "/var/www/landing-page";
      };
    };

    # Enable PHP for some fancy stuff
    phpfpm.pools.nginx = {
      user = "nobody";
      settings = {
        "pm" = "dynamic";
        "pm.max_children" = 75;
        "pm.start_servers" = 10;
        "pm.min_spare_servers" = 5;
        "pm.max_spare_servers" = 20;
        "pm.max_requests" = 500;
        "listen.owner" = config.services.nginx.user;
        "listen.group" = config.services.nginx.group;
        "listen.mode" = "0660";
        "catch_workers_output" = 1;
      };
    };
  };
}