{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.settings.containers.vaultwarden;
in {
  options = {
    settings.containers.vaultwarden.enable = lib.mkOption {
      type = lib.types.bool;
      default = false;
      description = ''
        Enable Vaultwarden container
      '';
    };
  };

  config = mkIf cfg.enable {
    services.podman.containers.vaultwarden = {
      image = "ghcr.io/dani-garcia/vaultwarden:latest";
      network = "proxy";
      volumes = [
        "%h/containers/vaultwarden/data:/data" 
      ];
      environment = {
        DOMAIN = "https://vault.local.tbmrs.nl";
        SIGNUPS_ALLOWED = true;
      };
    };

    settings.containers.caddy.routes.tbmrs-local.routes = [{
      name = "vaultwarden";
      host = "vault";
      url = "vaultwarden:80"; 
    }];

  };
}