{ config, ... }:
{
  services.nginx = {
    enable = true;
    virtualHosts."birdsite.nekover.se" = {
      forceSSL = true;
      enableACME = true;
      listen = [
        { 
          addr = "localhost";
          port = 1234;
        } # workaround for enableACME check
        {
          addr = "0.0.0.0";
          port = 8443;
          ssl = true;
          proxyProtocol = true;
        }
      ];
      locations."/robots.txt" = {
        return = "200 \"User-agent: *\\nDisallow: /\\n\"";
      };
      locations."/" = {
        proxyPass = "http://${config.services.nitter.server.address}:${builtins.toString config.services.nitter.server.port}";
        proxyWebsockets = true;
      };
    };
  };
}