{ pkgs, config, lib, name, website, slides, blog, ... }: {
  networking.firewall.allowedTCPPorts = [
    80
    443
  ];

  services.caddy = {
    enable = true;
    configFile = pkgs.writeTextFile {
      name = "Caddyfile";
      text = (
        ''
          {
              email nilstrieb@proton.me
              auto_https disable_redirects
          }

          http:// {
            respond "This is an HTTP-only server, silly you. Go to https:// instead." 400
          }

          ${config.networking.hostName}.infra.noratrieb.dev {
              encode zstd gzip
              header -Last-Modified
              root * ${./debugging-page}
              file_server
          }

          ${
            if name == "vps1" then
            builtins.readFile ./Caddyfile + ''
              noratrieb.dev {
                  encode zstd gzip
                  header -Last-Modified
                  root * ${website {inherit pkgs slides blog;}}
                  file_server
              }
            '' else ""
          }
        ''
      );
      checkPhase = ''
        ${lib.getExe pkgs.caddy} validate --adapter=caddyfile --config=$out
      '';
    };
  };
}