{ config, lib, ... }:

with lib;
let
  cfg = config.modules.services.vikunja;
in
{
  options.modules.services.vikunja = {
    enable = mkEnableOption "vikunja";
    domain = mkOption { type = types.str; };
    realHost = mkOption { type = types.str; };
  };

  config = mkIf cfg.enable {
    services.vikunja = {
      enable = true;
      frontendHostname = cfg.realHost;
      frontendScheme = "https";

      settings = {
        service.enableregistration = false;
      };

      database = {
        type = "postgres";
        user = "vikunja";
        database = "vikunja";
        host = "/run/postgresql";
      };
    };

    services.postgresql.enable = true;
    services.postgresql.ensureDatabases = [ "vikunja" ];
    services.postgresql.ensureUsers = [
      {
        name = "vikunja";
        ensureDBOwnership = true;
      }
    ];

    modules.persistence.directories = [
      "/var/lib/private/vikunja"
    ];

    services.nginx.virtualHosts.${cfg.realHost} = {
      forceSSL = true;
      useACMEHost = cfg.domain;
    };
  };
}