nix/modules/home/containers/static.nix

{ config, lib, ... }:

with lib;

let
  cfg = config.settings.containers.static;
in {
  options = {
    settings.containers.static.enable = lib.mkOption {
      type = lib.types.bool;
      default = false;
      description = ''
        Enable static pages containers
      '';
    };
  };

  config = mkIf cfg.enable {
    settings.services.sops.enable = true;

    services.podman.containers.wrbapp = {
      image = "gitea.xeovalyte.dev/xeovalyte/wrbapp:latest";
      network = "proxy";
      environmentFile = [
        "${config.sops.templates."container-wrbapp.env".path}"
      ];
    };

    services.podman.containers.hunshin = {
      image = "gitea.xeovalyte.dev/xeovalyte/hunshin:latest";
      network = "proxy";
    };

    services.podman.containers.bijlobke = {
      image = "gitea.xeovalyte.dev/xeovalyte/bijlobke:latest";
      network = "proxy";
    };

    services.podman.containers.ardsite = {
      image = "gitea.xeovalyte.dev/ardsite/ardsite:latest";
      network = "proxy";
    };

    sops.templates = {
      "container-wrbapp.env" = {
        content = ''
          NUXT_PRIVATE_KEY_ID: "${config.sops.placeholder."containers/wrbapp/private-key-id"}"
          NUXT_PRIVATE_KEY: "${config.sops.placeholder."containers/wrbapp/private-key"}"
          NUXT_CLIENT_ID: "${config.sops.placeholder."containers/wrbapp/client-id"}"
        ''
      };
    };

    sops.secrets = {
      "containers/wrbapp/private-key-id" = { };
      "containers/wrbapp/private-key" = { };
      "containers/wrbapp/client-id" = { };
    };
  };
}