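# NixOS module: declares the `services.vm.*` options and, when enabled,
# configures a qemu microvm (vCPUs, balloon memory, a /var volume, two virtiofs
# shares and one tap interface) plus a static systemd-networkd address.
{ inputs, lib, config, microvm, ... }:
let
  cfg = config.services.vm;

  # Host directory that holds this VM's disk image and its env/secrets share.
  vmStateDir = "/var/lib/microvms/${cfg.hostname}";

  # Id of the tap interface, derived from the hostname.
  tapId = "vm-${cfg.hostname}";
in
{
  options.services.vm = {
    # mkEnableOption already prefixes the text with "Whether to enable ", so
    # the description must not start with "Enable" itself.
    enable = lib.mkEnableOption "NixOS microvm config";

    hostname = lib.mkOption {
      type = lib.types.str;
      description = "The VM hostname (also used in host paths, the virtiofs tag and the tap interface id)";
    };

    vm_ip = lib.mkOption {
      type = lib.types.str;
      description = "The VM IP address";
    };

    macAddr = lib.mkOption {
      type = lib.types.str;
      description = "The VM MAC Address";
    };

    vm_mem = lib.mkOption {
      type = lib.types.int;
      # This value feeds microvm.balloonMem below, not microvm.mem.
      description = "The VM balloon memory size (passed to microvm.balloonMem)";
      default = 0;
    };

    vm_cpu = lib.mkOption {
      type = lib.types.int;
      description = "The VM CPU count";
      default = 1;
    };
  };

  config = lib.mkIf cfg.enable {
    assertions = [
      {
        # The hostname is interpolated into host-side paths, including the
        # source of the secrets share. Reject separators and dot-only names so
        # a typo cannot point that share at a different host directory.
        assertion =
          builtins.match "[A-Za-z0-9._-]+" cfg.hostname != null
          && cfg.hostname != "."
          && cfg.hostname != "..";
        message = "services.vm.hostname must consist of letters, digits, '.', '_' or '-' and must not be '.' or '..'";
      }
      {
        # Linux interface names are limited to 15 characters (IFNAMSIZ - 1);
        # fail at evaluation time instead of when the tap device is created.
        assertion = builtins.stringLength tapId <= 15;
        message = "services.vm.hostname is too long: tap interface id '${tapId}' exceeds 15 characters";
      }
    ];

    microvm = {
      vcpu = cfg.vm_cpu;
      balloonMem = cfg.vm_mem;

      volumes = [
        {
          mountPoint = "/var";
          image = "${vmStateDir}/var.img";
          size = 8192;
        }
      ];

      shares = [
        {
          # The whole host store is visible to the guest. Store paths are
          # world-readable, so secrets must never be placed in /nix/store.
          proto = "virtiofs";
          tag = "ro-store";
          source = "/nix/store";
          mountPoint = "/nix/.ro-store";
        }
        {
          # Per-VM secrets directory, exposed in the guest under /run/secrets.
          # NOTE(review): the host directory should be readable by root only;
          # confirm whether the guest is able to write back into this share.
          proto = "virtiofs";
          tag = "${cfg.hostname}-env";
          source = "${vmStateDir}/env";
          mountPoint = "/run/secrets/${cfg.hostname}";
        }
      ];

      interfaces = [
        {
          type = "tap";
          id = tapId;
          mac = cfg.macAddr;
        }
      ];

      hypervisor = "qemu";
      socket = "control.socket";
    };

    systemd.network.enable = true;

    # Static IPv4 on every interface of type "ether". The /24 prefix and the
    # gateway/DNS address are site-specific constants.
    systemd.network.networks."20-lan" = {
      matchConfig.Type = "ether";
      networkConfig = {
        Address = [ "${cfg.vm_ip}/24" ];
        Gateway = "192.168.1.254";
        DNS = [ "192.168.1.254" ];
        # IPv6 is still autoconfigured from router advertisements even though
        # DHCP is off; make sure that is intended for this network segment.
        IPv6AcceptRA = true;
        DHCP = "no";
      };
    };
  };
}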