{ lib, pkgs, unstablePkgs, ... }:

let
  inherit (pkgs) dockerTools;

  dendriteDir = "/srv/dendrite";

  dendrite = unstablePkgs.dendrite;

  baseImageArm = dockerTools.pullImage {
    imageName = "alpine";
    imageDigest = "sha256:1e42bbe2508154c9126d48c2b8a75420c3544343bf86fd041fb7527e017a4b4a";
    sha256 = "06c0q5kk60i89y1d83a28wk282ymp806xjcsmlca4cwwqp590j0q";
    finalImageName = "alpine";
    finalImageTag = "3.20.3";
    os = "linux";
    arch = "arm64";
  };

  dendriteImage = dockerTools.buildLayeredImage {
    name = "dendrite";
    tag = dendrite.version;
    fromImage = baseImageArm;

    contents = [ dendrite ];
  };

in
{
  virtualisation.oci-containers.containers = {
    dendrite = {
      imageFile = dendriteImage;
      image = "dendrite:${dendrite.version}";
      ports = [ 
        "127.0.0.1:8008:8008"
        "127.0.0.1:8448:8448"
      ];

      volumes = [
        "${dendriteDir}/config:/etc/dendrite"
        "${dendriteDir}/data:/var/dendrite"
      ];

      entrypoint = "${dendrite}/bin/dendrite";
      workdir = "/etc/dendrite";
      
      dependsOn = [ "dendrite-db" ];

      extraOptions = [
        "--network-alias=dendrite"
        "--network=dendrite"
      ];
    };

    dendrite-db = {
      # TODO: pull through `dockerTools`.
      image = "postgres:15-alpine";
      volumes = [ "${dendriteDir}/pgdata:/var/lib/postgresql/data" ];

      environment = {
        "POSTGRES_DATABASE" = "dendrite";
        "POSTGRES_USER" = "dendrite";
        "POSTGRES_PASSWORD" = "TFbQi2cHnzwe26";
      };

      extraOptions = [
        "--network-alias=db"
        "--network=dendrite"
      ];
    };
  };

  systemd = let
    root = "docker-dendrite-root";
    network = "docker-dendrite-network";

    containerService = {
      serviceConfig = {
        Restart = lib.mkOverride 90 "always";
        RestartMaxDelaySec = lib.mkOverride 90 "1m";
        RestartSec = lib.mkOverride 90 "100ms";
        RestartSteps = lib.mkOverride 90 9;
      };
      after = [ "${network}.service" ]; requires = [ "${network}.service" ];
      partOf = [ "${root}.target" ]; wantedBy = [ "${root}.target" ];
    };
  in {
    services = {
      "docker-dendrite-db" = containerService;
      "docker-dendrite" = containerService;

      "${network}" = {
        path = [ pkgs.docker ];
        serviceConfig = {
          Type = "oneshot";
          RemainAfterExit = true;
          ExecStop = "docker network rm -f dendrite";
        };
        script = ''
          docker network inspect dendrite || docker network create dendrite --driver=bridge
        '';
        partOf = [ "${root}.target" ]; wantedBy = [ "${root}.target" ];
      };
    };

    targets = {
      "${root}" = { wantedBy = [ "multi-user.target" ]; };
    };
  };
}