{ lib, config, ... }: { options = { services.tvix-binary-cache = { enableNginx = lib.mkEnableOption "nginx reverse proxy for each binary cache"; nginx = { clientMaxBodySize = lib.mkOption { type = lib.types.str; default = "10m"; example = "50G"; }; host = lib.mkOption { type = lib.types.str; example = "cache.example.com"; }; }; }; }; config = { services.nginx = lib.mkIf config.services.tvix-binary-cache.enableNginx { enable = true; recommendedProxySettings = true; virtualHosts.${config.services.tvix-binary-cache.nginx.host} = { default = true; locations = lib.mkMerge ( lib.mapAttrsToList (name: cfg: { "/${name}".return = "302 /${name}/"; "/${name}/" = { proxyPass = "http://localhost:${toString cfg.port}/"; }; }) config.services.tvix-binary-cache.caches ); }; inherit (config.services.tvix-binary-cache.nginx) clientMaxBodySize; }; }; }