{ config, lib, ... }:

let
  inherit (lib) types mkOption mkEnableOption;
in

{
  options.fediversity.garage = {
    ensureBuckets = mkOption {
      type = types.attrsOf (
        types.submodule {
          options = {
            website = mkOption {
              type = types.bool;
              default = false;
            };
            # I think setting corsRules should allow another website to show images from your bucket
            corsRules = {
              enable = mkEnableOption "CORS Rules";
              allowedHeaders = mkOption {
                type = types.listOf types.str;
                default = [ ];
              };
              allowedMethods = mkOption {
                type = types.listOf types.str;
                default = [ ];
              };
              allowedOrigins = mkOption {
                type = types.listOf types.str;
                default = [ ];
              };
            };
            aliases = mkOption {
              type = types.listOf types.str;
              default = [ ];
            };
          };
        }
      );
      default = { };
    };

    ensureKeys = mkOption {
      type = types.attrsOf (
        types.submodule {
          options = {
            s3AccessKeyFile = mkOption { type = types.path; };

            s3SecretKeyFile = mkOption { type = types.path; };

            # TODO: assert at least one of these is true
            # NOTE: this currently needs to be done at the top level module
            ensureAccess = mkOption {
              type = types.attrsOf (
                types.submodule {
                  options = {
                    read = mkOption {
                      type = types.bool;
                      default = false;
                    };
                    write = mkOption {
                      type = types.bool;
                      default = false;
                    };
                    owner = mkOption {
                      type = types.bool;
                      default = false;
                    };
                  };
                }
              );
              default = [ ];
            };
          };
        }
      );
      default = { };
    };

    api = {
      domain = mkOption {
        type = types.str;
        default = "s3.garage.${config.fediversity.domain}";
      };
      port = mkOption {
        type = types.int;
        default = 3900;
      };
      url = mkOption {
        type = types.str;
        default = "http://${config.fediversity.garage.api.domain}:${toString config.fediversity.garage.api.port}";
      };
    };

    rpc = {
      port = mkOption {
        type = types.int;
        default = 3901;
      };
    };

    web = {
      rootDomain = mkOption {
        type = types.str;
        default = "web.garage.${config.fediversity.domain}";
      };
      internalPort = mkOption {
        type = types.int;
        default = 3902;
      };
      domainForBucket = mkOption {
        type = types.functionTo types.str;
        default = bucket: "${bucket}.${config.fediversity.garage.web.rootDomain}";
      };
      urlForBucket = mkOption {
        type = types.functionTo types.str;
        default = bucket: "http://${config.fediversity.garage.web.domainForBucket bucket}";
      };
    };
  };
}