{
  config,
  lib,
  namespace,
  ...
}:
with lib;
let
  name = "opencloud";
  cfg = config.${namespace}.services.${name};

  opencloudConfig = lib.${namespace}.mkModule {
    inherit config name;
    description = "opencloud";
    options = { };
    moduleConfig = {
      sops.templates = {
        "opencloud.env" = {
          content = ''
            OC_JWT_SECRET=${config.sops.placeholder."jallen-nas/onlyoffice-key"}
            OC_TRANSFER_SECRET=${config.sops.placeholder."jallen-nas/onlyoffice-key"}
            OC_MACHINE_AUTH_API_KEY=${config.sops.placeholder."jallen-nas/onlyoffice-key"}
          '';
        };
      };
      virtualisation.oci-containers.containers.opencloud = {
        autoStart = true;
        image = "opencloudeu/opencloud-rolling";
        ports = [
          "${toString cfg.port}:9200"
        ];
        volumes = [
          "${cfg.dataDir}/opencloud:/var/lib/opencloud"
          "${cfg.configDir}/opencloud:/etc/opencloud"
        ];
        environmentFiles = [ config.sops.templates."opencloud.env".path ];
        environment = {
          OC_ADD_RUN_SERVICES = "collaboration,app-provider";
          OC_REVA_GATEWAY = "eu.opencloud.api.gateway";
          APP_PROVIDER_WOPI_APP_NAME = "Collabora";
          APP_PROVIDER_ENABLE = "true";
          APP_PROVIDER_SERVICE_NAME = "app-provider-collabora";
          COLLABORATION_APP_NAME = "Collabora";
          COLLABORATION_APP_PRODUCT = "Collabora";
          COLLABORATION_WOPI_DISCOVERY_URL = "https://office.mjallen.dev/hosting/discovery";
          COLLABORATION_WOPI_SRC = "https://office.mjallen.dev";
          OC_COLLABORATION_WOPI_URL = "https://office.mjallen.dev";
          COLLABORATION_APP_ADDR = "https://office.mjallen.dev";
          COLLABORATION_APP_INSECURE = "false";
          COLLABORATION_APP_PROOF_DISABLE = "true";
          COLLABORATION_WOPI_SHORTTOKENS = "false";
          # COLLABORATION_GRPC_ADDR =  "${cfg.listenAddress}:9301";
          # COLLABORATION_HTTP_ADDR = "${cfg.listenAddress}:9200";
          MICRO_REGISTRY = "nats-js-kv";
          MICRO_REGISTRY_ADDRESS = "127.0.0.1:9233";
          OC_SYSTEM_USER_ID = cfg.puid;

          OC_LOG_LEVEL = "info";
          
          APP_PROVIDER_PROVIDERS = "collabora";

          APP_PROVIDER_COLLABORA_NAME = "Collabora";
          APP_PROVIDER_COLLABORA_PRODUCT = "Collabora Online";

          APP_PROVIDER_COLLABORA_ADDR = "https://office.mjallen.dev";
          APP_PROVIDER_COLLABORA_ICON = "https://office.mjallen.dev/favicon.ico";

          APP_PROVIDER_COLLABORA_MIME_TYPES = ''
            application/vnd.openxmlformats-officedocument.wordprocessingml.document
            application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
            application/vnd.openxmlformats-officedocument.presentationml.presentation
            application/msword
            application/vnd.ms-excel
            application/vnd.ms-powerpoint
            text/plain
          '';

          NATS_NATS_HOST = cfg.listenAddress;
          GATEWAY_GRPC_ADDR = "${cfg.listenAddress}:9142";

          OC_DB_TYPE = "postgres";
          OC_DB_HOST = "10.0.1.3";
          OC_DB_PORT = "5432";
          OC_DB_USER = "opencloud";
          OC_DB_NAME = "opencloud";

          OC_INSECURE = "true";
          PROXY_TLS = "false";
          PROXY_HTTP_ADDR = "${cfg.listenAddress}:9200";
          OC_URL = "https://cloud.mjallen.dev";
          OC_PUBLIC_URL = "https://cloud.mjallen.dev";
          PUID = cfg.puid;
          PGID = cfg.pgid;
          TZ = cfg.timeZone;
        };
      };
    };
  };
in
{
  imports = [ opencloudConfig ];
}