try generalizing?

dafoe/services/default.nix

@@ -5,10 +5,11 @@
         ./ddns.nix
         ./nginx.nix
         ./forgejo.nix
-        #./printing.nix
         ./restic.nix
         ./ssh.nix
         ./vaultwarden.nix
         ./nextcloud.nix
+        ./domains.nix
     ];
+    services.domains.enable = true;
 }

dafoe/services/domains.nix

@@ -0,0 +1,64 @@
+{ config, lib, pkgs, ... }:
+with lib;
+let
+  cfg = config.domains;
+in 
+  {
+    domains = {
+      enable = mkOption {
+        default = false;
+        type = types.nullOr types.bool;
+      };
+      domain = mkOption {
+        description = ''
+          Domain of the server.
+        '';
+	      type = types.nullOr types.str;
+      };
+      git = mkOption {
+        description = ''
+          Subdomain of the git instance.
+        '';
+	      type = types.nullOr types.str;
+        default = "git";
+      };
+      vaultwarden = mkOption {
+        description = ''
+          Subdomain of the vaultwarden instance
+        '';
+        default = "vaultwarden";
+	      type = types.nullOr types.str;
+      };
+      video = mkOption {
+        description = ''
+          Subdomain of the video instance
+        '';
+        default = "video";
+	      type = types.nullOr types.str;
+      };
+      www = mkOption {
+        description = ''
+          Subdomain of the www instance
+        '';
+        default = "www";
+	      type = types.nullOr types.str;
+      };
+      files = mkOption {
+        description = ''
+          Subdomain of the files instance
+        '';
+        default = "files";
+	      type = types.nullOr types.str;
+      };
+      cloud = mkOption {
+        description = ''
+          Subdomain of the cloud instance
+        '';
+        default = "cloud";
+	      type = types.nullOr types.str;
+      };
+    };
+    config = mkIf cfg.enable {
+      gitURL = "${cfg.git}.${cfg.domain}";
+    };
+  }

dafoe/services/nextcloud.nix

@@ -9,7 +9,6 @@
     config.adminpassFile = "${../../nix-secrets/dafoe/nextcloud/adminpass}";
     configureRedis = true;
     maxUploadSize = "1G";
-    #nginx.enable = true;
     settings.overwriteProtocol = "https";
   };
 }

dafoe/services/nginx.nix

@@ -1,4 +1,4 @@
-{ lib, pkgs, inputs, ... }:
+{ lib, pkgs, inputs, config, ... }:
 {
   services.nginx = {
     enable = true;
@@ -8,50 +8,46 @@
     recommendedTlsSettings = true;
   };
 
-  services.nginx.virtualHosts = let tld = "vatthauer.xyz"; in
+  services.nginx.virtualHosts = let domain = "vatthauer.xyz"; in
   {
-    "git.${tld}" = {
+    "config.domains.gitURL" = {
       enableACME = true;
       forceSSL = true;
       locations."/" = {
         proxyPass = "http://localhost:3001/";
       };
     };
-  };
+    "vaultwarden.${domain}" = {
-
+      enableACME = true;
-  services.nginx.virtualHosts."vaultwarden.vatthauer.xyz" = {
+      forceSSL = true;
-    enableACME = true;
+      locations."/" = {
-    forceSSL = true;
+        proxyPass = "http://localhost:8222/";
-    locations."/" = {
+      };
-      proxyPass = "http://localhost:8222/";
     };
-  };
+    "video.${domain}" = {
-
+      enableACME = true;
-  services.nginx.virtualHosts."video.vatthauer.xyz" = {
+      forceSSL = false;
-    enableACME = true;
+      locations."/" = {
-    forceSSL = false;
+        proxyPass = "http://localhost:8096";
-    locations."/" = {
+      };
-      proxyPass = "http://localhost:8096";
     };
-  };
+    "www.${domain}" = {
-  services.nginx.virtualHosts."www.vatthauer.xyz" = {
+      serverAliases = [ domain ];
-    serverAliases = [ "vatthauer.xyz" ];
+      forceSSL = true;
-    forceSSL = true;
+      enableACME = true;
-    enableACME = true;
+      root = pkgs.callPackage ./resumee-website.nix {};
-    root = pkgs.callPackage ./resumee-website.nix {};
+    };
-  };
+    "files.${domain}" = {
-  services.nginx.virtualHosts."files.vatthauer.xyz" = {
+      forceSSL = true;
-    forceSSL = true;
+      enableACME = true;
-    enableACME = true;
+      locations."/" = {
-    locations."/" = {
+        root = "/var/www";
-      root = "/var/www";
+        extraConfig = "autoindex on;";
-      extraConfig = "autoindex on;";
+      };
+    };
+    "cloud.${domain}" = {
+      forceSSL = true;
+      enableACME = true;
     };
-  };
-  services.nginx.virtualHosts."cloud.vatthauer.xyz" = {
-    forceSSL = true;
-    enableACME = true;
-    #locations."/".proxyPass = "http://localhost:8080";
-    # nextcloud does location setup itself
   };
 }

dafoe/services/printing.nix

@@ -1,20 +0,0 @@
-{ pkgs, ... }:
-{
-  # Enable CUPS to print documents.
-  services.avahi = {
-    enable = true;
-    publish.enable = true;
-    publish.userServices = true;
-  };
-  services.printing = {
-    enable = true;
-    drivers = [ pkgs.splix ];
-    browsing = true;
-    listenAddresses = [ "*:631" ];
-    allowFrom = [ "all" ];
-    defaultShared = true;
-    extraConf = ''
-      BrowseLocalProtocols all
-    '';
-  };
-}