{ lib, config, pkgs, ... }:
with lib;
let
  psCfg = config.pub-solar;
  cfg = config.pub-solar.home-controller;
in
{
  imports = [
    ./k3s.nix
    ./wireguard.nix
  ];

  options.pub-solar.home-controller = {
    enable = mkEnableOption "Control your home";

    role = mkOption {
      description = ''
        Whether the node should run as a server or agent.
        Note that the server, by default, also runs as an agent.
      '';
      default = "server";
      type = types.enum [ "server" "agent" ];
    };

    ownIp = mkOption {
      description = ''
        Internal ip in wireguard used for cluster control-plane communication.
      '';
      type = types.str;
    };

    k3s = {
      enableLocalStorage = mkOption {
        description = ''
          Enable local storage provisioner.
        '';
        default = false;
        type = types.bool;
      };

      defaultLocalStoragePath = mkOption {
        description = ''
          Default path to use for local storage provisioner.
        '';
        default = "/var/lib/rancher/k3s/storage";
        type = types.path;
      };

      flannelBackend = mkOption {
        description = ''
          Flannel backend to use.
        '';
        default = "wireguard-native";
        type = types.str;
      };

      serverAddr = mkOption {
        description = ''
          Set server address of master
        '';
        default = "";
        type = types.str;
        example = "https://api.kube:6443";
      };

      tokenFile = mkOption {
        description = ''
          Location of token file used to join cluster.
        '';
        default = "";
        type = types.str;
      };

      enableZfs = mkOption {
        description = ''
          Enable when k3s should use a ZFS compatible runtime.
        '';
        default = false;
        type = types.bool;
      };

      zfsPool = mkOption {
        description = ''
          The ZFS pool to use and create a containerd volume in.
        '';
        default = "zroot";
        type = types.str;
      };
    };

    wireguard = {
      privateKeyFile = mkOption {
        description = ''
          Location of private key file
        '';
        type = types.path;
      };

      listenPort = mkOption {
        description = ''
          Port for wireguard.
        '';
        default = 51899;
        type = types.int;
      };

      peers = mkOption {
        description = ''
          Wireguard peers.
        '';
        type = types.listOf types.attrs;
      };
    };
  };

  config = mkIf cfg.enable {
    boot.kernelModules = [ "rbd" ];

    networking.extraHosts =
      ''
        192.168.42.231 ringo.local
        192.168.42.232 giggles.local
        192.168.42.234 cox.local
        192.168.42.236 companion.local
        10.0.1.11      api.kube giggles.kube
        10.0.1.12      cox.kube
        10.0.1.13      companion.kube
        10.0.1.21      ringo.kube
      '';
  };
}