{ lib, config, pkgs, ... }:
let
  configFile = pkgs.writeText "config.yaml" ''
    listen: ":1965"
    hosts:
      immae.eu:
        cert: /var/lib/acme/immae/full.pem
        key: /var/lib/acme/immae/key.pem
        paths:
          - path: /
            root: ${./public}
  '';
in
{
  options.myServices.gemini.enable = lib.mkEnableOption "enable Gemini capsule";
  config = lib.mkIf config.myServices.gemini.enable {
    networking.firewall.allowedTCPPorts = [ 1965 ];
    systemd.services.gemini = {
      description = "Gemini capsule server";
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];
      serviceConfig.ExecStart = "${pkgs.twins}/bin/twins -config ${configFile}";
      serviceConfig.Type = "simple";
    };
  };
}