{ config, lib, ... }:
let
  port = lib.custom.autoport "grimmory";
in
{

  sops.secrets = {
    "mariadb/users/grimmory" = {};
  };

  sops.templates."grimmory-secrets".content = ''
    DATABASE_PASSWORD=${config.sops.placeholder."mariadb/users/grimmory"}
  '';

  services.mysql = {
    ensureDatabases = [
      "grimmory"
    ];
  };
    
  systemd.tmpfiles.rules = [
    "d /var/lib/grimmory 774 1000 1000"
    "d /var/lib/grimmory/data 774 1000 1000"
    "d /var/lib/grimmory/books 774 1000 1000"
    "d /var/lib/grimmory/bookdrop 774 1000 1000"
  ];

  services.caddy.virtualHosts."library.wanderingcrow.net".extraConfig = ''
    reverse_proxy http://localhost:${builtins.toString port}
  '';

  virtualisation.quadlet = {
    containers = {
      grimmory.containerConfig = {
        image = "grimmory/grimmory:latest";
        publishPorts = [
          "${builtins.toString port}:6060"
        ];
        environments = {
          TZ="Etc/UTC";
          APP_USER_ID="1000";
          APP_GROUP_ID="1000";
          BOOKLORE_PORT="6060";

          DATABASE_URL="jdbc:mariadb://host.containers.internal:3306/grimmory";
          DATABASE_USERNAME="grimmory";
        };
        environmentFiles = [
          config.sops.templates."grimmory-secrets".path
        ];
        volumes = [
          "/var/lib/grimmory/data:/app/data"
          "/var/lib/grimmory/books:/books"
          "/var/lib/grimmory/bookdrop:/bookdrop"
        ];
      };
    };
  };
}