{ lib, pkgs, config,  ... }:
let
  chloe = pkgs.callPackage ./builder.nix {
    inherit (pkgs.webapps) chloe;
    config = config.myEnv.websites.chloe.production;
    apacheUser = config.services.httpd.Prod.user;
    apacheGroup = config.services.httpd.Prod.group;
  };

  cfg = config.myServices.websites.chloe.production;
in {
  options.myServices.websites.chloe.production.enable = lib.mkEnableOption "enable Chloe's website in production";

  config = lib.mkIf cfg.enable {
    services.duplyBackup.profiles.chloe_prod.rootDir = chloe.app.varDir;
    secrets.keys = chloe.keys;
    services.webstats.sites = [ { name = "osteopathe-cc.fr"; } ];

    systemd.services.phpfpm-chloe_prod.after = lib.mkAfter chloe.phpFpm.serviceDeps;
    systemd.services.phpfpm-chloe_prod.wants = chloe.phpFpm.serviceDeps;
    services.phpfpm.pools.chloe_prod = {
      listen = chloe.phpFpm.socket;
      extraConfig = chloe.phpFpm.pool;
      phpOptions = config.services.phpfpm.phpOptions + ''
        extension=${pkgs.php}/lib/php/extensions/mysqli.so
      '';
    };
    system.activationScripts.chloe_prod = chloe.activationScript;
    myServices.websites.webappDirs."${chloe.apache.webappName}" = chloe.app.webRoot;
    services.websites.env.production.modules = chloe.apache.modules;
    services.websites.env.production.vhostConfs.chloe = {
      certName     = "chloe";
      certMainHost = "osteopathe-cc.fr";
      hosts        = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ];
      root         = chloe.apache.root;
      extraConfig  = [
        ''
          RewriteEngine On
          RewriteCond "%{HTTP_HOST}" "!^www\.osteopathe-cc\.fr$" [NC]
          RewriteRule ^(.+)$ https://www.osteopathe-cc.fr$1 [R=302,L]
          ''
        chloe.apache.vhostConf
      ];
    };
    services.websites.env.production.watchPaths = [
      "/var/secrets/webapps/${chloe.app.environment}-chloe"
    ];
  };
}