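# NixOS module: runs the timothyjmiller/cloudflare-ddns container with a
# generated config.json covering two Cloudflare zones.
{ pkgs, config, lib, ... }:
{
  options = {
    modules.homelab.docker.ddns.enable = lib.mkEnableOption "enable ddns docker";
  };

  # The let-binding has to be a parenthesised expression handed to mkIf;
  # `{ let ... in { ... } }` is not a valid attribute set and does not parse.
  config = lib.mkIf config.modules.homelab.docker.ddns.enable (
    let
      # builtins.readFile returns the file verbatim. A trailing newline would
      # otherwise end up inside the token / zone id value, so strip it.
      readSecret = path: lib.removeSuffix "\n" (builtins.readFile path);

      # SECURITY: these files are read at evaluation time and their contents are
      # embedded in the derivation built by pkgs.writeText below. /nix/store is
      # world-readable, so the Cloudflare API token becomes readable by every
      # local user and travels with any copy of the closure. Prefer delivering
      # the token at runtime from a root-only file (e.g. sops-nix or agenix)
      # and keep the token scoped to DNS edits on these two zones only.
      # NOTE(review): absolute paths outside the repo also require impure
      # evaluation when this module is used from a flake. Confirm.
      api_token = readSecret /home/blake/.keyring/ddns/api_token;
      zone_id_blakedheld = readSecret /home/blake/.keyring/ddns/zone_id_blakedheld;
      zone_id_recoil = readSecret /home/blake/.keyring/ddns/zone_id_recoil;

      # One entry of a zone's "subdomains" list.
      subdomain = name: proxied: { inherit name proxied; };

      # One entry of the top-level "cloudflare" list.
      zone = zone_id: subdomains: {
        authentication = { inherit api_token; };
        inherit zone_id subdomains;
      };

      # define the config file
      # Serialised with builtins.toJSON instead of string interpolation so the
      # interpolated values are always escaped and the file is always valid JSON.
      ddns_cfg = pkgs.writeText "config.json" (builtins.toJSON {
        cloudflare = [
          (zone zone_id_blakedheld [
            (subdomain "@" true)
            (subdomain "*" true)
            (subdomain "git" false)
          ])
          (zone zone_id_recoil [
            (subdomain "@" true)
            (subdomain "*" true)
            (subdomain "mc" true)
            (subdomain "smp" true)
            (subdomain "superflat" false)
            (subdomain "skyblock" false)
          ])
        ];
        a = true;
        aaaa = true;
        purgeUnknownRecords = false;
      });
    in
    {
      # NOTE(review): `virtualisation.docker.containers` is not an option I know
      # from upstream NixOS (the upstream one is
      # `virtualisation.oci-containers.containers`); presumably it is declared
      # elsewhere in this repository. Confirm.
      virtualisation.docker.containers.ddns = {
        # `:latest` is a mutable tag, so the code that receives the API token can
        # change on any pull. Pin a reviewed version tag or image digest.
        image = "timothyjmiller/cloudflare-ddns:latest";
        containerName = "ddns";
        restartPolicy = "unless-stopped";
        # Shares the host's network namespace, with no network isolation from
        # the host. Presumably needed so the container sees the host's own
        # addresses for the A/AAAA updates. Confirm it is still required.
        hostNetwork = true;
        environment = {
          PUID = "1000";
          PGID = "1000";
        };
        volumes = [ "${ddns_cfg}:/config.json" ];
        # Blocks privilege escalation through setuid/setgid binaries in the image.
        securityOpt = [ "no-new-privileges:true" ];
      };
    }
  );
}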