{ config, pkgs, lib, fernglas, ... }: 
let 
  bmpPort = 11019;
  autoIndex = ''
    autoindex on;
    autoindex_exact_size off;
    autoindex_format html;
    autoindex_localtime on;
  '';
in { 
  networking = {
    hostName = "web02";
    firewall.allowedTCPPorts = [ 80 443 bmpPort ];
    firewall.allowedUDPPorts = [ 443 ];
  };
  systemd.network.networks."98-eth-default" = {
    address = [
      "2a0f:be01:0:100::1312/128" 
    ];
  };
  users.users."lg" = {
    isSystemUser = true;
    createHome = true;
    home = "/var/www/lg.kyouma.net";
    group = "lg";
  };
  users.groups."lg" = {};
  services.vnstat.enable = true;
  services.fernglas = {
    enable = true;
    settings = {
      api.bind = "[::1]:3000";
      collectors = {
        bmp_collector = {
          collector_type = "Bmp";
          bind = "[::]:${toString bmpPort}";
          peers = {
            "45.150.123.0" = {};
          };
        };
      }; 
    };
  };
  services.nginx = {
    createHost = {
      "miau.zip" = { root = "/var/www/kyouma.net"; };
      "www.miau.zip" = { redirectTo = "miau.zip"; };
      "www.kyouma.net" = { redirectTo = "kyouma.net"; };
      "emily.cat" = { root = "/var/www/emily.cat/_site"; };
      "www.emily.cat" = { redirectTo = "kyouma.net"; };
      "www.cocaine.trade" = { redirectTo = "cocaine.trade"; };

      "redirect" = {
        default = true;
        reuseport = true;
        useACMEHost = "kyouma.net";
        extraConfig = ''
          return 403;
        '';
      };
      "cocaine.trade" = {
        root = "/var/www/cocaine.trade";
        extraConfig = ''error_page 404 /404.html;'';
        locations."/" = {
          index = "index.html";
          tryFiles = "$uri $uri.html =404";
        };
        locations."= /".extraConfig = ''rewrite ^ /index.html last;'';
      };
      "files.cocaine.trade" = {
        useACMEHost = "cocaine.trade";
        root = "/mnt/basti/files.cocaine.trade";
        locations."/".extraConfig = autoIndex;
      };
      "kyouma.net" = {
        root = "/var/www/kyouma.net";
        locations = {
          "/ihk/".extraConfig = autoIndex;
          "/vyos/".extraConfig = autoIndex;
          "/3ds/".extraConfig = autoIndex;
        };
      };
      "lg.kyouma.net" = {
        useACMEHost = "kyouma.net";
        locations."/".root = fernglas.packages.${config.nixpkgs.hostPlatform.system}.fernglas-frontend;
        locations."/api/".proxyPass = "http://${config.services.fernglas.settings.api.bind}";
      };
    };
  };
  security.acme.certs = {
    "miau.zip" = { extraDomainNames = [ "www.miau.zip" "lg.miau.zip" ]; };
    "kyouma.net" = { extraDomainNames = [ "www.kyouma.net" "lg.kyouma.net" ]; };
    "emily.cat" = { extraDomainNames = [ "www.emily.cat" ]; };
    "cocaine.trade" = { extraDomainNames = [ "www.cocaine.trade" "files.cocaine.trade" ]; };
  };
}