{ pkgs, config, lib, ... }:

let
  cfg = config.modules.services.jellyfin;
in
{
  options.modules.services.jellyfin = {
    enable = lib.mkEnableOption "enables jellyfin";
#    extra options
#    mode = lib.mkOption {
#      type = lib.types.enum [ "server" "client" ];
#      default = "client";
#      description = "whether syncthing should run as a client (user) or server (system-wide).";
#    };

  };

  config = lib.mkIf cfg.enable {
    
    # declare jellyfin group
    users.groups.jellyfin = { gid = 701; };
    # declare jellyfin user
    users.users.jellyfin = {
      description = "jellyfin media server user";
      uid = 701;
      isSystemUser = true;
      home = "/var/lib/jellyfin";
      createHome = true;
      group = "jellyfin";
      extraGroups = [ "media" "video" "render" ];
    };

    services.jellyfin = {
      enable = true;
      openFirewall = true;        # Opens 8096/8920 automatically
      user = "jellyfin";          # Default: jellyfin
      group = "jellyfin";         # Default: jellyfin
      dataDir = "/var/lib/jellyfin"; # Config + metadata storage
    };
    systemd.services.jellyfin.serviceConfig = {
      UMask = lib.mkForce "0007";
    };
  };
}