{
  config,
  lib,
  namespace,
  ...
}:
let
  inherit (lib.${namespace}) mkOpt mkReverseProxyOpt;
  cfg = config.${namespace}.services.onlyoffice;

  jwtSecretFile = config.sops.secrets."jallen-nas/onlyoffice-key".path;
in
{
  options.${namespace}.services.onlyoffice = with lib; {
    enable = lib.mkEnableOption "";

    port = mkOpt types.int 9943 "Port for opencloud to be hosted on";

    configPath = mkOpt types.str "/media/nas/main/nix-app-data/onlyoffice" "Path to the data dir";

    puid = mkOpt types.str "911" "puid";

    pgid = mkOpt types.str "1000" "pgid";

    timeZone = mkOpt types.str "America/Chicago" "container tz";
  };

  config = lib.mkIf cfg.enable {
    # services.nginx.virtualHosts."office.mjallen.dev".listen = [
    #   {
    #     addr = "0.0.0.0";
    #     port = 9943;
    #   }
    # ];
    # services.onlyoffice = {
    #   enable = true;
    #   port = 9943;
    #   hostname = "office.mjallen.dev";
    #   jwtSecretFile = jwtSecretFile;
    #   securityNonceFile = jwtSecretFile;
    # };
    virtualisation.oci-containers.containers.onlyoffice = {
      autoStart = true;
      image = "onlyoffice/documentserver";
      ports = [
        "${toString cfg.port}:80"
      ];
      volumes = [
        "${cfg.configPath}/logs:/var/log/onlyoffice"
        "${cfg.configPath}/data:/var/www/onlyoffice/Data"
        "${cfg.configPath}/lib:/var/lib/onlyoffice"
        "${cfg.configPath}/db:/var/lib/postgresql"
      ];
      environmentFiles = [ ];
      environment = {
        DB_TYPE = "postgres";
        DB_HOST = "10.0.1.3";
        DB_PORT = "5432";
        DB_USER = "onlyoffice";
        REDIS_SERVER_HOST = "10.0.1.3";
        REDIS_SERVER_PORT = "6381";
        WOPI_ENABLED = "true";
        JWT_SECRET = "BogieDudie1";
        PUID = cfg.puid;
        PGID = cfg.pgid;
        TZ = cfg.timeZone;
      };
    };
  };
}