base.nix: hotfix for nginx on bicep

the matrix-synapse-next module seems to already add some of the nginx
options we set in base.nix, making it fail. These should only be set if
they're not already set by this module

base.nix

@@ -101,18 +101,22 @@
     recommendedOptimisation = true;
     recommendedGzipSettings = true;
 
-    appendConfig = ''
+    appendConfig = lib.mkIf (!config.services.matrix-synapse-next.enable or false) ''
       pcre_jit on;
       worker_processes auto;
       worker_rlimit_nofile 100000;
     '';
-    eventsConfig = ''
+    eventsConfig = lib.mkIf (!config.services.matrix-synapse-next.enable or false) ''
       worker_connections 2048;
       use epoll;
       multi_accept on;
     '';
   };
 
+  systemd.services.nginx.serviceConfig = lib.mkIf (!config.services.matrix-synapse-next.enable or false) {
+    LimitNOFILE = 65536;
+  };
+
   services.nginx.virtualHosts."_" = lib.mkIf config.services.nginx.enable {
     sslCertificate = "/etc/certs/nginx.crt";
     sslCertificateKey = "/etc/certs/nginx.key";
@@ -120,10 +124,6 @@
     extraConfig = "return 444;";
   };
 
-  systemd.services.nginx.serviceConfig = {
-    LimitNOFILE = 65536;
-  };
-
   networking.firewall.allowedTCPPorts = lib.mkIf config.services.nginx.enable [ 80 443 ];
 
   security.acme = {