Try derive hosts from derivation, too

lib.nix

@@ -5,17 +5,14 @@ with pkgs;
 let
   requiredPackages = import ./required-packages.nix { inherit pkgs nodejs; };
   website = settings: stdenv.mkDerivation {
+    inherit (settings) src ssl host;
     name = "blog-static";
-    version = settings.source.rev;
+    version = settings.src.rev;
-    src = settings.source;
-    ssl = settings.ssl;
     urlSub =
       let
         regexEscape = lib.escape [ "/" "(" ")" "[" "]" "+" "*" "\\" ];
       in
-        if (settings ? replaceUrl)
+        with settings.replaceUrl; "s/${regexEscape from}/${regexEscape to}/g";
-        then (with settings.replaceUrl; "s/${regexEscape from}/${regexEscape to}/g")
-        else "";
     publicPath = settings.path;
     extraFlags = if settings.drafts then " -D " else "";
     builder = ./build/builder.sh;
@@ -29,13 +26,14 @@ let
       (ruby.withPackages (ps: [ ps.nokogiri ]))
     ];
   };
-  wrapHost = ssl: host: (if ssl then "https" else "http") + "//${host}";
+  wrapHost = ssl: host: (if ssl then "https" else "http") + "://${host}";
 in
   {
     english = settings: website {
+      inherit (settings) host;
       ssl = settings.ssl or false;
       drafts = settings.drafts or false;
-      source = blog-source;
+      src = blog-source;
       path = ".";
       replaceUrl = {
         from = "https://danilafe.com";
@@ -43,9 +41,10 @@ in
       };
     };
     russian = settings: website {
+      inherit (settings) host;
       ssl = settings.ssl or false;
       drafts = settings.drafts or false;
-      source = blog-source-localized;
+      src = blog-source-localized;
       path = "ru";
       replaceUrl = {
         from = "https://ru.danilafe.com";

module.nix

@@ -2,39 +2,39 @@
 with lib;
 let
   cfg = config.services.danilafe-blog;
-  sslForDomain = domain: package: package.ssl;
+  sslForSite = package: package.ssl;
-  anySsl = any id (mapAttrsToList sslForDomain cfg.domains);
+  anySsl = any sslForSite cfg.sites;
-  virtualHost = domain: package:
+  virtualHost = package:
     {
-      virtualHosts."${domain}" = mkMerge [
+      virtualHosts."${package.host}" = mkMerge [
         {
           root = package;
         }
-        (mkIf (sslForDomain domain package) {
+        (mkIf (sslForSite package) {
           addSSL = true;
           enableACME = true;
           acmeRoot = cfg.challengePath;
         })
       ];
     };
-  service = domain: package:
+  service = package:
     {
       # Workaround for new configuration setting all of /var to be readonly.
       # See https://github.com/NixOS/nixpkgs/issues/139310
-      "acme-${domain}".serviceConfig = {
+      "acme-${package.host}".serviceConfig = {
         ReadWritePaths = [ cfg.challengePath ];
       };
     };
-  virtualHosts = mapAttrsToList virtualHost cfg.domains;
+  virtualHosts = map virtualHost cfg.sites;
-  services = mapAttrsToList service (filterAttrs sslForDomain cfg.domains);
+  services = map service (filter sslForSite cfg.sites);
 in
   {
     options.services.danilafe-blog = {
       enable = mkEnableOption "Daniel's blog service";
-      domains = mkOption {
+      sites = mkOption {
-        type = types.attrsOf types.package;
+        type = types.listOf types.package;
         default = {};
-        description = "Attribute set where keys are domains and values are packages to host there.";
+        description = "List of versions of this blog that should be enabled.";
       };
       challengePath = mkOption {
         type = types.str;
@@ -51,7 +51,7 @@ in
     ]));
     config.systemd.services = mkIf cfg.enable (mkMerge services);
     config.security.acme = mkIf (cfg.enable && anySsl) {
-      # If any domain uses SSL, enable ACME and accept terms.
+      # If any site uses SSL, enable ACME and accept terms.
       email = "danila.fedorin@gmail.com";
       acceptTerms = true;
     };