{ config, lib, ... }:

with lib;

let
  mkServiceOption = { desc, defaultEnabled ? false, extraOpts ? {} }: mkOption {
    description = "Configuration for the ${desc}";
    default = {};
    type = types.submodule {
      options = {
        enable = mkEnableOption desc // { default = defaultEnabled; };
      } // extraOpts;
    };
  };

  mkPortOption = default: mkOption {
    type = types.port;
    default = default;
    description = "Port for the service to listen on.";
  };

in {
  imports = [
    ./nginx.nix
    ./newt.nix
    ./tailscale.nix
    ./acme.nix
    ./searXNG.nix
    ./roundcube.nix
    ./vaultWarden.nix
  ];

  options.module = {
    domain = mkOption {
      type = types.str;
      default = "wateir.fr";
    };

    hostName = mkOption {
      type = types.str;
      default = "${config.networking.hostName}.${config.module.domain}";
      description = "Global FQDN for all hosted services.";
    };

    acme = mkServiceOption {
      desc = "ACME DNS Challenge";
    };

    tailscale = mkServiceOption {
      desc = "Tailscale VPN";
      defaultEnabled = true;
    };

    newt = mkServiceOption {
      desc = "Newt custom wireguard tunnel";
    };

    roundcube = mkServiceOption {
      desc = "Roundcube webapp";
      extraOpts = { port = mkPortOption 1984; };
    };

    vaultwarden = mkServiceOption {
      desc = "Vaultwarden password manager";
      extraOpts = {
        externalPort = mkPortOption 8000;
        internalPort = mkPortOption 8222;
      };
    };

    searxng = mkServiceOption {
      desc = "SearXNG meta-search engine";
      extraOpts = { port = mkPortOption 1692; };
    };
  };
}