# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0

{ depot, pkgs, config, ... }:
{
  imports = [
    ../lib/bvm.nix
  ];

  # Networking!
  networking = {
    hostName = "bvm-twitterchiver";
    hostId = "c7ff157c";

    interfaces.enp1s0 = {
      ipv4.addresses = [{ address = "10.100.0.201"; prefixLength = 23; }];
    };
  };
  my.ip.tailscale = "100.119.86.55";
  my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6277:5637";

  services.postgresql = {
    enable = true;
    package = pkgs.postgresql_14;
    ensureDatabases = [
      "twitterchiver"
    ];
    ensureUsers = [{
      name = "twitterchiver";
    }];
  };
  services.postgresqlBackup.enable = true;

  users.groups.twitterchiver = {};
  users.users.twitterchiver = {
    home = "/srv/twitterchiver";
    isSystemUser = true;
    createHome = true;
    group = "twitterchiver";
  };

  systemd.services.twitterchiver-viewer = {
    description = "Twitterchiver Viewer";
    wants = ["network-online.target"];
    wantedBy = ["multi-user.target"];
    serviceConfig = {
      ExecStart = "${depot.go.twitterchiver.viewer}/bin/viewer --user_to_twitter=lukegb@lukegb.com:lukegb,bgekul";
      EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path;
      WorkingDirectory = "${depot.go.twitterchiver.viewer}/share";
      User = "twitterchiver";
      Restart = "always";
    };
  };
  systemd.services.twitterchiver-relatedfetcher = {
    description = "Twitterchiver Related-Fetcher";
    wants = ["network-online.target"];
    wantedBy = ["multi-user.target"];
    serviceConfig = {
      ExecStart = "${depot.go.twitterchiver.relatedfetcher}/bin/relatedfetcher --media_work_at_once 100 --media_tick_interval 10s";
      EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path;
      User = "twitterchiver";
      Restart = "always";
    };
  };
  systemd.services.twitterchiver-archiver = {
    description = "Twitterchiver Archiver";
    wants = ["network-online.target"];
    wantedBy = ["multi-user.target"];
    serviceConfig = {
      ExecStart = "${depot.go.twitterchiver.archiver}/bin/archiver";
      EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path;
      User = "twitterchiver";
      Restart = "always";
    };
  };

  my.vault.secrets.twitterchiver-environment = {
    restartUnits = ["twitterchiver-viewer.service" "twitterchiver-relatedfetcher.service" "twitterchiver-archiver.service"];
    group = "root";
    template = ''
      {{ with secret "kv/apps/twitterchiver" }}
      {{ .Data.data.environment }}
      {{ end }}
    '';
  };

  system.stateVersion = "21.05";
}