{ config, self, lib, pkgs,  ... }:

with lib;

{
  sops.defaultSopsFile = ./secrets.yaml;
  sops.secrets = {
    nextcloudAdminPass = {
      owner = "nextcloud";
      group = "nextcloud";
    };
  };

  networking = {
    hostName = mkDefault "nextcloud";
    useDHCP = false;
  };

  imports = [
    self.nixosModules.malobeo.metrics
    ../modules/malobeo_user.nix
    ../modules/sshd.nix
    ../modules/minimal_tools.nix
    ../modules/autoupdate.nix
  ];

  malobeo.metrics = {
    enable = true;
    enablePromtail = true;
    logNginx = true;
    lokiHost = "10.0.0.14";
  };

  services.nextcloud = {
    enable = true;
    package = pkgs.nextcloud32;
    hostName = "cloud.malobeo.org";
    config.adminpassFile = config.sops.secrets.nextcloudAdminPass.path;
    maxUploadSize = "10G";
    datadir = "/data/services/nextcloud/";
    database.createLocally = true;
    config.dbtype = "pgsql";
    configureRedis = true;
    caching = {
      redis = true;
      apcu = true;
    };
    extraAppsEnable = true;
    extraApps = {
      inherit (config.services.nextcloud.package.packages.apps) contacts calendar polls registration collectives forms;

      deckWithDrag = pkgs.php.buildComposerProject (finalAttrs: {
        pname = "deck";
        version = "1.0.0";
        src = pkgs.fetchzip {
          url = "https://github.com/nextcloud/deck/archive/refs/heads/stable32.zip";
          hash = "sha256-eMHjfki+axEtlhV6518mlAzPhZxAZqEX7HiRsJf1vxo=";
        };
        composerNoDev = true;
        vendorHash = pkgs.lib.fakeHash;
        postInstall = ''
          cp -r $out/share/php/deck/* $out/
          rm -r $out/share
        '';
      });
      
      #deckWithDrag = pkgs.fetchNextcloudApp {
      #  appName = "deck";
      #  appVersion = "1.16.2";
      #  license = "agpl3Plus";
      #  teams = [ pkgs.lib.teams.nextcloud ];
      #  url = "https://github.com/nextcloud-releases/deck/releases/download/v1.16.2/deck-v1.16.2.tar.gz";
      #  hash = "sha256-rFymTIr7pOuMES3DMIOS7cvq+CEIekLZYLqz58TOP04=";
      #  description = "";
      #  homepage = "https://github.com/nextcloud/deck";
      #  unpack = true;
      #  patches = [
      #    (pkgs.fetchpatch {
      #      url = "https://git.dynamicdiscord.de/ahtlon/deck/commit/77cbcf42ca80dd32e450839f02faca2e5fed3761.patch";
      #      sha256 = "sha256-agwFMwXO8WLL0+pdeKF/pA59V9ah9t590sCl1msQonA=";
      #    })
      #  ];
      #};
    };
    settings = {
      trusted_domains = ["10.0.0.13"];
      trusted_proxies = [ "10.0.0.1" ];
      "maintenance_window_start" = "1";
      "default_phone_region" = "DE";
    };
    phpOptions = {
      "realpath_cache_size" = "0";
      "opcache.interned_strings_buffer" = "32";
    };
  };

  networking.firewall.allowedTCPPorts = [ 80 443 ];

  system.stateVersion = "22.11"; # Did you read the comment?
}