{
  config,
  lib,
  namespace,
  ...
}:
with lib;
let
  inherit (lib.${namespace}) mkOpt mkReverseProxyOpt;
  cfg = config.${namespace}.services.opencloud;

  opencloudConfig = {
    virtualisation.oci-containers.containers.opencloud = {
      autoStart = true;
      image = "opencloudeu/opencloud-rolling";
      ports = [
        "${toString cfg.port}:9200"
      ];
      volumes = [
        "${cfg.dataPath}:/var/lib/opencloud"
        "${cfg.configPath}:/etc/opencloud"
      ];
      environmentFiles = [ ];
      environment = {
        OC_ADD_RUN_SERVICES = "collaboration";
        APP_PROVIDER_WOPI_APP_NAME = "OnlyOffice";
        COLLABORATION_APP_NAME = "OnlyOffice";
        COLLABORATION_APP_PRODUCT = "OnlyOffice";
        COLLABORATION_WOPI_SRC = "https://cloud.mjallen.dev";
        COLLABORATION_APP_ADDR = "https://office.mjallen.dev";
        COLLABORATION_APP_INSECURE = "false";
        COLLABORATION_LOG_LEVEL = "info";
        COLLABORATION_APP_PROOF_DISABLE = "true";
        COLLABORATION_WOPI_SHORTTOKENS = "false";
        COLLABORATION_GRPC_ADDR =  "0.0.0.0:9301";
        COLLABORATION_HTTP_ADDR = "0.0.0.0:9300";
        MICRO_REGISTRY = "nats-js-kv";
        MICRO_REGISTRY_ADDRESS = "opencloud:9233";

        NATS_NATS_HOST = "0.0.0.0";
        GATEWAY_GRPC_ADDR = "0.0.0.0:9142";

        OC_DB_TYPE = "postgres";
        OC_DB_HOST = "10.0.1.3";
        OC_DB_PORT = "5432";
        OC_DB_USER = "opencloud";
        OC_DB_NAME = "opencloud";

        OC_INSECURE = "true";
        PROXY_TLS = "false";
        PROXY_HTTP_ADDR = "0.0.0.0:9200";
        OC_URL = "https://cloud.mjallen.dev";
        PUID = cfg.puid;
        PGID = cfg.pgid;
        TZ = cfg.timeZone;
      };
    };
  };

  # Create reverse proxy configuration using mkReverseProxy
  reverseProxyConfig = lib.${namespace}.mkReverseProxy {
    name = "cloud";
    subdomain = cfg.reverseProxy.subdomain;
    url = "http://${cfg.localAddress}:${toString cfg.port}";
    middlewares = cfg.reverseProxy.middlewares;
  };

  fullConfig = {
    "${namespace}".services.traefik = lib.mkIf cfg.reverseProxy.enable {
      reverseProxies = [ reverseProxyConfig ];
    };
  }
  // opencloudConfig;
in
{
  options.${namespace}.services.opencloud = {
    enable = mkEnableOption "opencloud service";

    port = mkOpt types.int 9200 "Port for opencloud to be hosted on";

    localAddress = mkOpt types.str "127.0.0.1" "local address of the service";

    dataPath = mkOpt types.str "/media/nas/main/opencloud" "Path to the data dir";

    configPath = mkOpt types.str "/media/nas/main/nix-app-data/opencloud" "Path to the data dir";

    puid = mkOpt types.str "911" "puid";

    pgid = mkOpt types.str "1000" "pgid";

    timeZone = mkOpt types.str "America/Chicago" "container tz";

    reverseProxy = mkReverseProxyOpt;
  };

  config = mkIf cfg.enable fullConfig;
}