{ config, pkgs, fetchurl, lib, ... }:

{ virtualisation = {
    docker = {
      enable = true;
      enableOnBoot = false;
      liveRestore = false;

      extraOptions = "--ipv6 --fixed-cidr-v6 fd69:2074:9fcd:b0fd::/64";

      autoPrune = {
        enable = true;
      };
    };
  };

  nixpkgs.config.allowUnfree = true;

  programs.chromium = {
    enable = true;
    extensions = [
      "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin
      "aeblfdkhhhdcdjpifhhbdiojplfjncoa" # 1password x
    ];
    homepageLocation = "about:blank";
    defaultSearchProviderSearchURL = "https://duckduckgo.com/?q={searchTerms}";
    defaultSearchProviderSuggestURL = "https://duckduckgo.com/ac/?q={searchTerms}&type=list";
    # https://www.chromium.org/administrators/policy-list-3
    extraOpts = {
      BlockThirdPartyCookies = true;
      CookiesBlockedForUrls = [
        "[*.]smartlock.google.com"
        "[*.]mediumSmartLockSigninAllowed.com"
      ];
      SyncDisabled = true;
      BuiltInDnsClientEnabled = false;
      BrowserSignin = 0;
      EasyUnlockAllowed = false;
      EnableMediaRouter = false;
      CloudPrintProxyEnabled = false;
      CloudPrintSubmitEnabled = false;
      SafeBrowsingEnabled = false;
      RestoreOnStartup = 1; # Restore last session
      AlwaysOpenPdfExternally = true;
      BrowserNetworkTimeQueriesEnabled = false;
      NotificationsAllowedForUrls = [
        "gitlab.satoshipay.tech"
        "calendar.google.com"
      ];
      NotificationsBlockedForUrls = [
        "[.*]reddit.com"
      ];
    };
  };

  environment.systemPackages = with pkgs; [
    awscli
    caddy
    openssl
    chromium
    docker_compose
    mongodb-tools
    pgadmin
    pgcli
    s3cmd
    sops
    unstable.google-cloud-sdk
    unstable.kubernetes
    unstable.kubectx
    unstable.redis-desktop-manager
    unstable.kubernetes-helm
    unstable.helmfile
    unstable.robo3t
    unstable.slack
  ];

  services.mongodb = {
    enable = true;
    replSetName = "rs0";
    dbpath = "/tmp/mongodb";
  };
  systemd.services.mongodb.wantedBy = lib.mkForce  [];
  systemd.timers.mongodb = {
    description = "Delayed startup of MongoDB";
    wantedBy = [ "timers.target" ];
    timerConfig = {
      OnActiveSec = "1 min";
    };
  };
  systemd.services.mongodb-init = {
    description = "Init mongodb replicaset";
    requires = [ "mongodb.service" ];
    script = "${pkgs.mongodb}/bin/mongo --eval 'rs.initiate()'";
  };
  systemd.timers.mongodb-init = {
    wantedBy = [ "timers.target" ];
    timerConfig = {
      OnActiveSec = "2 min";
    };
  };

  services.redis = {
    enable = true;
  };
  systemd.services.redis.wantedBy = lib.mkForce [];
  systemd.timers.redis = {
    description = "Delayed startup of Redis";
    wantedBy = [ "timers.target" ];
    timerConfig = {
      OnActiveSec = "1 min";
    };
  };


  services.printing.drivers = with pkgs; [
  ];

  networking.domain = "satoshipay.io";

  networking.extraHosts = ''
    127.0.0.1 blogger.local wallet.satoshipay.local api.satoshipay.local ws.satoshipay.local
  '';
}