# Auto-generated using compose2nix v0.3.1.
{ config, pkgs, lib, ... }:

{
  imports = [
    ../../../../system/sops.nix
  ];

  # Containers
  virtualisation.oci-containers.containers."passbolt-db" = {
    image = "mariadb:10.11";
    environmentFiles = [ config.sops.secrets.passbolt_db_docker_env.path ];
    environment = {
      "MYSQL_DATABASE" = "passbolt";
      "MYSQL_RANDOM_ROOT_PASSWORD" = "true";
      "MYSQL_USER" = "passbolt";
    };
    volumes = [
      "passbolt_db:/var/lib/mysql:rw"
    ];
    log-driver = "journald";
    extraOptions = [
      "--network-alias=db"
      "--network=passbolt_default"
    ];
  };

  systemd.services."docker-passbolt-db" = {
    serviceConfig = {
      Restart = lib.mkOverride 90 "always";
      RestartMaxDelaySec = lib.mkOverride 90 "1m";
      RestartSec = lib.mkOverride 90 "100ms";
      RestartSteps = lib.mkOverride 90 9;
    };
    after = [
      "docker-network-passbolt_default.service"
      "docker-volume-passbolt_db.service"
    ];
    requires = [
      "docker-network-passbolt_default.service"
      "docker-volume-passbolt_db.service"
    ];
    partOf = [
      "docker-compose-passbolt-root.target"
    ];
    wantedBy = [
      "docker-compose-passbolt-root.target"
    ];
  };

  virtualisation.oci-containers.containers."passbolt-passbolt" = {
    image = "passbolt/passbolt:latest-ce";
    environmentFiles = [ config.sops.secrets.passbolt_passbolt_docker_env.path ];
    environment = {
      "APP_FULL_BASE_URL" = "https://passbolt.hofers.cloud";
      "DATASOURCES_DEFAULT_DATABASE" = "passbolt";
      "DATASOURCES_DEFAULT_HOST" = "db";
      "DATASOURCES_DEFAULT_USERNAME" = "passbolt";
    };
    volumes = [
      "passbolt_gpg:/etc/passbolt/gpg:rw"
      "passbolt_jwt:/etc/passbolt/jwt:rw"
    ];
    labels = {
      "traefik.http.routers.passbolthoferscloud.rule" = "Host(`passbolt.hofers.cloud`)";
    };
    cmd = [ "/usr/bin/wait-for.sh" "-t" "0" "db:3306" "--" "/docker-entrypoint.sh" ];
    labels = {
      "traefik.http.routers.passbolthoferscloud.rule" = "Host(`passbolt.hofers.cloud`)";
    };
    dependsOn = [
      "passbolt-db"
    ];
    log-driver = "journald";
    extraOptions = [
      "--network-alias=passbolt"
      "--network=passbolt_default"
    ];
  };

  systemd.services."docker-passbolt-passbolt" = {
    serviceConfig = {
      Restart = lib.mkOverride 90 "always";
      RestartMaxDelaySec = lib.mkOverride 90 "1m";
      RestartSec = lib.mkOverride 90 "100ms";
      RestartSteps = lib.mkOverride 90 9;
    };
    after = [
      "docker-network-passbolt_default.service"
      "docker-volume-passbolt_gpg.service"
      "docker-volume-passbolt_jwt.service"
    ];
    requires = [
      "docker-network-passbolt_default.service"
      "docker-volume-passbolt_gpg.service"
      "docker-volume-passbolt_jwt.service"
    ];
    partOf = [
      "docker-compose-passbolt-root.target"
    ];
    wantedBy = [
      "docker-compose-passbolt-root.target"
    ];
  };

  # Networks
  systemd.services."docker-network-passbolt_default" = {
    path = [ pkgs.docker ];
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
      ExecStop = "docker network rm -f passbolt_default";
    };
    script = ''
      docker network inspect passbolt_default || docker network create passbolt_default
    '';
    partOf = [ "docker-compose-passbolt-root.target" ];
    wantedBy = [ "docker-compose-passbolt-root.target" ];
  };

  # Volumes
  systemd.services."docker-volume-passbolt_db" = {
    path = [ pkgs.docker ];
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    script = ''
      docker volume inspect passbolt_db || docker volume create passbolt_db
    '';
    partOf = [ "docker-compose-passbolt-root.target" ];
    wantedBy = [ "docker-compose-passbolt-root.target" ];
  };

  systemd.services."docker-volume-passbolt_gpg" = {
    path = [ pkgs.docker ];
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    script = ''
      docker volume inspect passbolt_gpg || docker volume create passbolt_gpg
    '';
    partOf = [ "docker-compose-passbolt-root.target" ];
    wantedBy = [ "docker-compose-passbolt-root.target" ];
  };

  systemd.services."docker-volume-passbolt_jwt" = {
    path = [ pkgs.docker ];
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    script = ''
      docker volume inspect passbolt_jwt || docker volume create passbolt_jwt
    '';
    partOf = [ "docker-compose-passbolt-root.target" ];
    wantedBy = [ "docker-compose-passbolt-root.target" ];
  };

  # Root service
  # When started, this will automatically create all resources and start
  # the containers. When stopped, this will teardown all resources.
  systemd.targets."docker-compose-passbolt-root" = {
    unitConfig = {
      Description = "Root target generated by compose2nix.";
    };
    wantedBy = [ "multi-user.target" ];
  };
}