{
  lib,
  pkgs,
  config,
  ...
}:
with lib;
let
  cfg = config.services.jitsi-rooms;
  backendPort = 8081;
  wsPort = 9160;
  address = "127.0.0.1";
  backend = (pkgs.callPackage ./backend/default.nix { });
  frontend = (pkgs.callPackage ./frontend/default.nix { });
  prodsodyPackage = (pkgs.callPackage ./prodsody/default.nix { });
  notifyScript = "/run/current-system/sw/bin/send-signal-jitsi-notify";
in
{
  options.services.jitsi-rooms = {
    enable = mkEnableOption "jitsi-rooms service";
    nginxHostname = mkOption {
      type = types.str;
      default = "treffen.filefighter.de";
    };
  };

  config = mkIf cfg.enable {
    systemd.services.jitsi-rooms = {
      description = "jitsi-rooms";

      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];

      serviceConfig = {
        ExecStart = "${backend}/bin/jitsi-rooms-exe -n ${notifyScript}";
        DynamicUser = true;
        User = "jitsi-rooms-backend";
      };
    };

    users.users.jitsi-rooms-backend = {
      isSystemUser = true;
      group = "jitsi-rooms-backend";
      extraGroups = [ "dbus" ];
    };
    users.groups.jitsi-rooms-backend = { };

    services.nginx.virtualHosts.${cfg.nginxHostname} = {
      forceSSL = true;
      enableACME = true;

      locations = {
        "/" = {
          root = frontend;
          tryFiles = "$uri $uri/ /index.html";
        };
        "/ws" = {
          proxyPass = "http://${address}:${toString wsPort}";
        };
      };
    };
    services.prosody = {
      extraPluginPaths = [ "${prodsodyPackage}/share" ];
      extraModules = [ "jitsi_rooms" ];
    };
  };

}