{
  lib,
  pkgs,
  config,
  ...
}:
with lib;
let
  cfg = config.services.wormspace;
  package  = (pkgs.callPackage ./default.nix { pkgs = pkgs; });
in
{
  options.services.wormspace = {
    enable = mkEnableOption "wormspace service";

    nginxHostname = mkOption {
      type = types.str;
      default = "wormspace-demo.duckdns.org";
    };
    port = mkOption {
      type = types.int;
      default = 8999;
    };
  };

  config = mkIf cfg.enable {
    systemd.services.wormspace = {
      description = "wormspace";

      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];

      serviceConfig = {
        ExecStart = "${package}/bin/wormspace  ${
          escapeShellArg (toString cfg.port)
        }";
        StateDirectory = "wormspace";
        WorkingDirectory="/var/lib/wormspace";
        DynamicUser = true;
        User = "wormspace";
      };
    };

    services.nginx.virtualHosts.${cfg.nginxHostname} = {
      forceSSL = true;
      enableACME = true;
      locations = {
        "/" = {
          proxyPass = "http://127.0.0.1:${toString cfg.port}";
        };
      };
    };
  };

}