{ pkgs, ... }:

let
  install_script = pkgs.writeTextDir "web/install" ''
    #!/usr/bin/env bash
    set -euo pipefail

    which nix 2>1 > /dev/null || { echo "nix command not found. Install nix and try again"; exit 1; }

    nix --extra-experimental-features "nix-command" \
      --substituters "https://nix-cache.clerie.de" \
      --trusted-public-keys "nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g=" \
      copy --from "https://nix-cache.clerie.de" \
      ${pkgs.nixfiles-auto-install}
    ${pkgs.nixfiles-auto-install}/bin/nixfiles-auto-install
  '';
in {
  services.nginx.virtualHosts = {
    "install.nix.clerie.de" = {
      enableACME = true;
      forceSSL = true;
      locations."/" = {
        root = install_script + "/web/";
        extraConfig = ''
          index install;
          types { } default_type "text/plain; charset=utf-8";
        '';
      };
    };
  };
}