lidarr: move to architect options

hosts/architect/lidarr.nix

@@ -1,11 +1,7 @@
-{ config, lib, ... }:
+{ config, ... }:
 
 let
   domain = "htlid.giugl.io";
-  auth_block = (import ./openid.nix { inherit lib; }).openresty_oidc_block;
-  
-  utilities = import ./utilities.nix { inherit lib config; };
-  inherit (utilities) architectInterfaceAddress;
 in
 {
   services = {
@@ -13,23 +9,17 @@ in
       enable = true;
       group = "media";
     };
+  };
 
-    nginx.virtualHosts.${domain} = {
+  architect.vhost.${domain} = {
-      forceSSL = true;
+    dnsInterfaces = [ "lan" "tailscale" ];
-      enableACME = true;
     locations."/" = {
-        proxyPass = "http://127.0.0.1:8686";
+      port = 8686;
-        extraConfig = auth_block {
+      allowLan = true;
-          access_role = "lidarr";
+      allowWAN = false;
+      allow = [ config.architect.networks."tailscale".net ];
     };
   };
-    };
-  };
-
-  networking.extraHosts = ''
-    ${architectInterfaceAddress "lan"} ${domain}
-    ${architectInterfaceAddress "tailscale"} ${domain}
-  '';
 
   users.groups.media.members = [ "lidarr" ];
 }