{ config, pkgs, lib, ... }:

let
  domain = "${config.networking.hostName}.${config.networking.domain}";
  mkDomain = subname: "${subname}.${domain}";
  cnt = config.containers.vscode-remote-test.config;
in {
  networking.nat = {
    enable = true;
    internalInterfaces = ["ve-+"];
    externalInterface = "eno1"; # TODO: can i make this dynamic?
  };

  #imports = [
  #  "/home/pbsds/repos/nixpkgs-trees/containers-mkdir/nixos/modules/virtualisation/nixos-containers.nix"
  #];
  #disabledModules = [
  #  "virtualisation/nixos-containers.nix"
  #];

  containers.vscode-remote-test = {
    autoStart = true;
    privateNetwork = true;
    hostAddress = "10.240.100.2";
    localAddress = "10.240.100.3";
    #bindMounts."/home" = {
    #  hostPath = "/var/lib/code-server";
    #  isReadOnly = false;
    #};
    config = { config, pkgs, ... }: {
      system.stateVersion = "22.05";
      imports = [ <home-manager/nixos> ];
      home-manager.useUserPackages = true; # install to /etc instead of ~/.nix-profile, needed for containers
      home-manager.useGlobalPkgs = true; # brrr

      home-manager.users.${config.services.code-server.user} = { pkgs, config, ... }: {
        programs.git.enable = true;
        programs.git.userName = "Theoharis Theoharis";
        programs.git.userEmail = "theotheo@ntnu.no";
        programs.vscode.extensions = with pkgs.vscode-extensions; [
          shd101wyy.markdown-preview-enhanced
          sanaajani.taskrunnercode
          tomoki1207.pdf
        ];
      };

      services.code-server = {
        enable = true;
        port = 53754;
        # if you don't care about security: https://argon2.online/
        hashedPassword = "$argon2i$v=19$m=16,t=2,p=1$MHh5UGNtU1lWR1UySnhIZw$ITg8U7Gq2CXByuOOnrKVUg";
        extraPackages = with pkgs; [
          (writeShellScriptBin "pandoc" ''
            export XDG_DATA_HOME=${pandoc-lua-filters}/share
            exec ${pandoc}/bin/pandoc "$@"
          '')

          (texlive.combine {
            inherit (texlive)
              scheme-small
              titlesec
              fontaxes
              supertabular
              xtab
              # boxed quotes
              mdframed
              zref
              needspace
              soul
              atkinson
            ;})

          pandoc-imagine
          haskellPackages.pandoc-crossref
          #haskellPackages.pandoc-plot
          #pandoc-plantuml-filter nodePackages.mermaid-cli

          bash
          bat
          gnumake
          boxes
          graphviz
          #python3Packages.cairosvg

          (python3.withPackages (ps: with ps; [
            numpy
            matplotlib
            #python-lsp-server
          ]))

        ];
      };

      #networking.firewall = {
      #  enable = true;
      #  allowedTCPPorts = [ 80 ];
      #};

    };
  };

  services.nginx.virtualHosts.${mkDomain "code-remote"} = {
    forceSSL = true; # addSSL = true;
    enableACME = true; #useACMEHost = acmeDomain;
    locations."/" = {
      #proxyPass = "http://127.0.0.1:${toString cnt.services.code-server.port}";
      proxyPass = "http://10.240.100.3:${toString cnt.services.code-server.port}";
      proxyWebsockets = true;
    };
  };


}