{ sdow, pkgs, lib, system, ... }: let
  sdow-env-file = pkgs.writeTextFile {
    name = "env.js";
    text = ''
      window.env = {
        "SDOW_API_URL": "https://sdow.bernard.com.de/api/paths",
        "WIKIPEDIA_API_URL": "https://fr.wikipedia.org/w/api.php",
        "WIKIPEDIA_BASE_URL": "https://fr.wikipedia.org/wiki/",
        "WIKIPEDIA_API_USERAGENT": "Six Degrees of Wikipedia/1.0 (https://sdow.bernard.com.de/; mysaa@hadoly.fr)"
      };
    '';
    destination = "/env.js";
  };
  sdow-website = pkgs.symlinkJoin {
    name = "sdow";
    paths = [
      sdow-env-file
      sdow.packages.${pkgs.system}.sdow
    ];
  };
  in {

  services.httpd.virtualHosts."sdow" = {
    hostName = "sdow.bernard.com.de";

    forceSSL = true;

    sslServerCert = "/var/lib/certs/bernard.com.de/fullchain.pem";
    sslServerKey = "/var/lib/certs/bernard.com.de/privkey.pem";
    sslServerChain = "/var/lib/certs/bernard.com.de/fullchain.pem";

    documentRoot = "${sdow-website}";
    locations."/api" = {
      proxyPass = "http://localhost:2302";
    };
  };

  systemd.services."sdow-api" = {
    description = "Sdow Backend API";
    after = [ "network.target" ];
    wantedBy = [ "multi-user.target" ];

    serviceConfig = {
      Type = "simple";
      ExecStart="${sdow.apps.${pkgs.system}.sdow-api.program} /var/lib/sdow/sdow.sqlite /var/lib/sdow/searches.sqlite 2302";
      Environment="GUNICORN_PORT=2302";
      ExecReload="kill -s HUP $MAINPID";
      KillMode="mixed";
      TimeoutStopSec=5;
      PrivateTmp=true;
    };
  };

  environment.persistence."/persistence".files = [
    "/var/lib/sdow/sdow.sqlite"
    "/var/lib/sdow/searches.sqlite"
  ];

}