{ config, lib, pkgs, ... }:
let
  greenapid = pkgs.callPackage ./greenapid.nix {};
  frontend = pkgs.callPackage ./frontend.nix { nodeEnv = pkgs.callPackage pkgs.mylibs.nodeEnv {}; };
  wordlists = pkgs.runCommand "wordlists" {} ''
    mkdir -p $out
    cp -r ${./wordlists} $out/wordlists
  '';
  cfg = config.myServices.websites.games.codenames;
in
{
  options.myServices.websites.games.codenames.enable = lib.mkEnableOption "Enable Codenames game";
  config = lib.mkIf cfg.enable {
    systemd.services.codenames_api = {
      description = "Api for codenames game";
      wantedBy = [ "multi-user.target" ];
      script = "${greenapid}/bin/greenapid";
      postStart = ''
        sleep 5;
        chown :wwwrun /run/codenamesgreen/socket.sock
        chmod g+w /run/codenamesgreen/socket.sock
      '';
      serviceConfig = {
        User = "codenames";
        DynamicUser = true;
        SupplementaryGroups = [ "wwwrun" ];
        Type = "simple";
        RuntimeDirectory = "codenamesgreen";
        WorkingDirectory = builtins.toString wordlists;
      };
    };

    services.websites.env.tools.vhostConfs.games_codenames = {
      certName = "games";
      certMainHost = "games.immae.eu";
      hosts = [ "codenames.games.immae.eu" ];
      root = frontend;
      extraConfig = [
        ''
        ProxyPass        /api/ unix:///run/codenamesgreen/socket.sock|http://codenames.games.immae.eu/
        ProxyPassReverse /api/ unix:///run/codenamesgreen/socket.sock|http://codenames.games.immae.eu/

        <Directory ${frontend}>
          FallbackResource index.html
        </Directory>
        ''
      ];
    };
  };
}