# Configuration for the catacomb forwarder

{ config, pkgs, ... }:

{
  # Configure nginx to forward to the server on catacomb
  services.nginx.virtualHosts."catacomb.alogoulogoi.com" = {
    enableACME = true;
    forceSSL = true;
    extraConfig = ''
      access_log /var/log/nginx/access.catacomb.log;
    '';
    locations = {
      # Forwards to the index server
      "/browse/".proxyPass = "http://10.22.20.2:7472/browse/";
      # Forwards to nginx via catacomb auth server
      "/".extraConfig = ''
        auth_request /auth;
        proxy_buffering off;
        proxy_pass http://10.22.20.2:7470/;
      '';
      "= /auth".extraConfig = ''
        internal;
        proxy_buffering off;
        proxy_pass_request_body off;
        proxy_pass http://10.22.20.2:7471/;
        proxy_set_header Content-Length "";
        proxy_set_header X-Original-URI $request_uri;
      '';
    };
  };
}