{ lib, pkgs, config, ... }:
with lib;
let
  cfg = config.nas-apps.swag;
in {
  options.nas-apps.swag = {
    enable = mkEnableOption "swag docker service";

    autoStart = mkOption {
      type = types.bool;
      default = true;
    };

    httpPort = mkOption {
      type = types.int;
      default = 80;
    };
    
    httpsPort = mkOption {
      type = types.int;
      default = 443;
    };

    name = mkOption {
      type = types.str;
      default = "swag";
    };

    image = mkOption {
      type = types.str;
      default = "linuxserver/swag";
    };

    configPath = mkOption {
      type = types.str;
      default = "/mnt/ssd/ssd_app_data/swag";
    };

    puid = mkOption {
      type = types.str;
      default = "911";
    };

    pgid = mkOption {
      type = types.str;
      default = "1000";
    };

    timeZone = mkOption {
      type = types.str;
      default = "America/Chicago";
    };

    email = mkOption {
      type = types.str;
      default = "jalle008@proton.me";
    };

    url = mkOption {
      type = types.str;
      default = "mjallen.dev";
    };

    validation = mkOption {
      type = types.str;
      default = "http";
    };

    subdomains = mkOption {
      type = types.str;
      default = "jellyfin,hass,cloud,office,jellyseerr";
    };

  };
  
  config = mkIf cfg.enable {
    
    networking.firewall = {
      allowedTCPPorts = [ cfg.httpPort cfg.httpsPort ];
      allowedUDPPorts = [ cfg.httpPort cfg.httpsPort ];
    };

    virtualisation.oci-containers.containers."${cfg.name}" = {
      autoStart = cfg.autoStart;
      image = cfg.image;
      ports = [ "${toString cfg.httpPort}:80" "${toString cfg.httpsPort}:443" ];
      volumes = [
          "${cfg.configPath}:/config"
      ];
      environment = {
          PUID = cfg.puid;
          PGID = cfg.pgid;
          TZ = cfg.timeZone;
          EMAIL = cfg.email;
          URL = cfg.url;
          VALIDATION = cfg.validation;
          SUBDOMAINS = cfg.subdomains;
      };
    };
  };
}