{config, ...}: let
  ports = import ../data/ports.nix {};
  piped_config = config.services.piped;
in {
  config.services.piped = {
    enable = true;
    frontendDomain = "piped.owo.monster";
    backendDomain = "backend.piped.owo.monster";
    proxyDomain = "proxy.piped.owo.monster";

    nginxForceSSL = false;
    nginxEnableACME = false;

    # Do not set proxyNginxExtraConfig here as needs be set in outside of container

    internalBackendPort = ports.piped-backend;
    internalProxyPort = ports.piped-proxy;
  };

  config.systemd.tmpfiles.rules = [
    "d /var/sockets - nginx nginx"
  ];

  config.systemd.services.nginx.serviceConfig.ReadWritePaths = [
    "/var/sockets"
  ];

  config.services.nginx.virtualHosts."${piped_config.frontendDomain}" = {
    extraConfig = "listen unix:/var/sockets/piped-frontend.sock;";
  };
  config.services.nginx.virtualHosts."${piped_config.backendDomain}" = {
    extraConfig = "listen unix:/var/sockets/piped-backend.sock;";
  };
  config.services.nginx.virtualHosts."${piped_config.proxyDomain}" = {
    extraConfig = "listen unix:/var/sockets/piped-proxy.sock;";
  };
}