{ lib, config, pkgs, ... }:
with lib;
let
  psCfg = config.pub-solar;
  cfg = config.pub-solar.home-controller;
in
{
  config = mkIf cfg.enable {
    systemd.services.wireguard-wghome.serviceConfig.Restart = "on-failure";
    systemd.services.wireguard-wghome.serviceConfig.RestartSec = "5s";

    networking.firewall.allowedUDPPorts = [ cfg.wireguard.listenPort ];

    networking.wireguard.interfaces = {
      wghome = {
        ips = [ cfg.ownIp ];
        listenPort = cfg.wireguard.listenPort;
        privateKeyFile = cfg.wireguard.privateKeyFile;
        peers = cfg.wireguard.peers;
      };
    };
  };
}