{ config, pkgs, lib, ... }:
let
  cfg = config.services.vm_netbox;
in
{
  options.services.vm_netbox = {
    enable = lib.mkEnableOption "Enable minimal config";
    db_ip = lib.mkOption {
      type = lib.types.str;
      description = "netbox database IP address";
    };
  };
  config = lib.mkIf cfg.enable {
    services.netbox = {
      enable = true;
      port = 8001;
      settings = {
        ALLOWED_HOSTS = [ "*" ],
        DATABASE = {
          'ENGINE': 'django.db.backends.postgresql',
          'NAME': 'netbox',
          'USER': 'netbox',
          'PASSWORD': 'Netbox43Zer!',
          'HOST': '192.168.1.13',
          'PORT': '5432',
          'CONN_MAX_AGE': 300,
        },
        REDIS = {
          'tasks': {
            'HOST': '192.168.1.16',
            'PORT': 6379,
            'USERNAME': '',
            'PASSWORD': '',
            'DATABASE': 0,
            'SSL': False,
          },
          'caching': {
            'HOST': '192.168.1.16',
            'PORT': 6379,
            'USERNAME': '',
            'PASSWORD': '',
            'DATABASE': 1,
            'SSL': False,
          }
        },
        CSRF_COOKIE_NAME = 'csrftoken',
        CSRF_TRUSTED_ORIGINS = (
          'http://192.168.1.40',
          'https://netbox.le43.eu',
        ),
        DEBUG = False
      };
      secretKeyFile = "/run/secrets/netbox/keyFile";
    };
    networking.firewall.allowedTCPPorts = [ 8001 ];
  };
}