{ config, pkgs, ... }:
let
  frontendConfig = {
        alwaysShowSubjectInput = true;
        background = "/static/bg.png";
        collapseMessageWithSubject = false;
        greentext = false;
        hideFilteredStatuses = false;
        hideMutedPosts = false;
        hidePostStats = false;
        hideSitename = false;
        hideUserStats = false;
        loginMethod = "password";
        logo = "/static/logo.png";
        logoMargin = ".1em";
        logoMask = true;
        logoLeft = false;
        nsfwCensorImage = "";
        postContentType = "text/plain";
        redirectRootLogin = "/main/friends";
        redirectRootNoLogin = "/main/all";
        showFeaturesPanel = true;
        showInstanceSpecificPanel = true;
        sidebarRight = false;
        subjectLineBehavior = "email";
        theme = "kemonomimi-theme";
        webPushNotifications = true;
      };
in
{
  # probably move them out? atm they stay since they only serve kemonomimi
  services.cloudflared.enable = true;
  services.cloudflared.tunnels."65c093ce-a3ac-4369-b240-2169514be106" = {
    credentialsFile = "/etc/secrets/65c093ce-a3ac-4369-b240-2169514be106.json";
    ingress = {
      "kemonomimi.pet" = "http://localhost:8679";
      "fedi.kemonomimi.pet" = "http://localhost:8678";
      "media.kemonomimi.pet" = "http://localhost:8678";
    };
    default = "http_status:404";
  };

  services.akkoma.enable = true;
  # ill have to enable this
  # services.akkoma.config.":pleroma".":media_proxy" = {
  #   enabled = true;
  #   proxy_opts.redirect_on_failure = true;
  # };
  services.akkoma.config = {
    ":pleroma" = {
      "Pleroma.Captcha".enabled = false;

      ":instance" = {
        name = "Kemonomimi.pet";
        description = "Akkoma instance for kemonomimi.pet";
        email = "admin@kemonomimi.pet";
        registrations_open = false;
	healthcheck = true;
	allow_relay = true;
	public = true;
      };

      "Pleroma.Web.Endpoint" = {
      	url.host = "fedi.kemonomimi.pet";
	url.port = 443;
	url.scheme = "https";
        http.ip = "127.0.0.1";
        http.port = 8678;
      };
      ":configurable_from_database" = false;
      "Pleroma.Upload".base_url = "https://media.kemonomimi.pet:443/media";

      ":frontend_configurations" = {
        pleroma_fe = frontendConfig;
      };
    };
  };
  services.akkoma.frontends.admin.name = "admin-fe";
  services.akkoma.frontends.admin.ref = "stable";
  services.akkoma.frontends.admin.package = pkgs.akkoma-admin-fe;

  services.akkoma.frontends.primary.name = "akkoma-fe";
  services.akkoma.frontends.primary.ref = "stable";
  services.akkoma.frontends.primary.package =
    pkgs.runCommand "akkoma-fe"
    {
      config = builtins.toJSON frontendConfig;
      nativeBuildInputs = with pkgs; [
        jq
        lndir
      ];
      passAsFile = [ "config" ];
    }
    ''
      mkdir $out
      lndir ${pkgs.akkoma-fe} $out

      rm $out/static/config.json
      jq -s add ${pkgs.akkoma-fe}/static/config.json $configPath \
        > $out/static/config.json
    '';

  services.akkoma.extraStatic = 
    let
      mkPackage = src: pkgs.runCommand "akkoma-asset" {} ''
        cp -r ${src} $out
      '';
    in {
      "favicon.png" = mkPackage ../akkoma-static/favicon.png;
      "static"      = mkPackage ../akkoma-static/static;
      "instance"    = mkPackage ../akkoma-static/instance;
    };

  systemd.services.local-static-http = {
    description = "Temporary server for under construction";
    wants = [ "network.target" ];
    after = [ "network.target" ];
    serviceConfig = {
      ExecStart = "${pkgs.python3}/bin/python3 -m http.server 8679 --bind 127.0.0.1";
      WorkingDirectory = "/var/www/kemonomimi.pet";
      Restart = "on-failure";
      User = "daniel";
    };
    wantedBy = [ "multi-user.target" ];
  };
  
}