{ lib, config, pkgs, ... }:

let
  domain = "home.giugl.io";
  network = import ./network.nix;
  host = "127.0.0.1";
  port = 8123;
in {
  services = {
    mosquitto = {
      enable = true;
      listeners = [{
        acl = [ "pattern readwrite #" ];
        omitPasswordAuth = true;
        settings.allow_anonymous = true;
      }];
    };
    home-assistant = {
      enable = true;
      extraComponents = [
        # Components required to complete the onboarding
        "met"
        "radio_browser"
      ];
      config = {
        default_config = { };

        http = {
          server_port = port;
          server_host = host;
          trusted_proxies = [ host ];
          use_x_forwarded_for = true;
        };

        homeassistant = {
          name = "Manduria";
          latitude = 40.4;
          longitude = 17.63;
          unit_system = "metric";
          time_zone = "Europe/Rome";
          external_url = "http://${domain}";
        };
      };
    };

    nginx.virtualHosts.${domain} = {
      #      forceSSL = true;
      #      enableACME = true;
      locations."/" = {
        proxyPass = "http://${host}:${toString port}";
        extraConfig = ''
            proxy_set_header    Upgrade     $http_upgrade;
            proxy_set_header    Connection  "upgrade";
          allow 10.0.0.0/24;
          ${lib.concatMapStrings (x: "allow ${x};") network.gdevices-wg}
          deny all;
        '';
      };
    };
  };

  networking.extraHosts = ''
    ${network.architect-lan} ${domain}
    ${network.architect-wg} ${domain}
  '';
}