From 143a4afe5c239f46d632e6895a4615d79da85ac2 Mon Sep 17 00:00:00 2001
From: Benedikt Peetz <benedikt.peetz@b-peetz.de>
Date: Fri, 7 Feb 2025 15:11:31 +0100
Subject: modules/nix-sync: Correctly merge `extraSettings` and the needed
 vhost config

---
 modules/by-name/ni/nix-sync/module.nix | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/modules/by-name/ni/nix-sync/module.nix b/modules/by-name/ni/nix-sync/module.nix
index 1413920..9ddd210 100644
--- a/modules/by-name/ni/nix-sync/module.nix
+++ b/modules/by-name/ni/nix-sync/module.nix
@@ -2,6 +2,7 @@
   config,
   lib,
   modulesPath,
+  nixLib,
   ...
 }: let
   cfg = config.vhack.nix-sync;
@@ -27,12 +28,15 @@
   }: {
     name = "${domain}";
     value =
-      lib.recursiveUpdate {
+      # FIXME(@bpeetz): We cannot use something like `lib.recursiveUpdate` because the
+      # `extraSettings` are instantiated from the “real” nginx type. As such the
+      # `extaSettings` would override our values here. Therefore, the direct merge. <2025-02-07>
+      extraSettings
+      // {
         forceSSL = true;
         enableACME = true;
         root = "/etc/nginx/websites/${domain}";
-      }
-      extraSettings;
+      };
   };
   virtHosts = builtins.listToAttrs (builtins.map mkVirtHost cfg.domains);
 in {
@@ -66,7 +70,7 @@ in {
             type =
               lib.types.submodule (import (modulesPath + "/services/web-servers/nginx/vhost-options.nix") {inherit config lib;});
             example = {
-              locations."/.well-known/openpgpkey/hu/".extraConfig = "default_type application/octet-stream";
+              locations."/.well-known/openpgpkey/".extraConfig = "default_type application/octet-stream";
             };
             default = {};
             description = ''
-- 
cgit 1.4.1