{ lib, pkgs, config, ... }:
let
  cfg = import ./vars.nix;
  webport = cfg.powerdns-admin.port;
  webdbport = cfg.powerdns-admin.dbport;
in
{
  imports = [
    #./podman.nix
    ./podman-postgresql.nix # for the database
    #./nginx.nix             # for the webserver
  ];

  sops.secrets."powerdns-admin/db" = { };
  sops.secrets."powerdns-admin/env" = { };

  services.podman-postgresql."powerdnsadmin" = {
    enable = true;
    image = "docker.io/library/postgres:15-alpine";
    port = (lib.strings.toInt webdbport);
    passwordFile = config.sops.secrets."powerdns-admin/db".path;
  };

  virtualisation.oci-containers.containers.powerdnsadmin = {
    image = "docker.io/powerdnsadmin/pda-legacy";
    environment = {
      TZ = "Europe/Berlin";
    };
    environmentFiles = [ config.sops.secrets."powerdns-admin/env".path ];
    ports = [
      "${webport}:80"
    ];
    extraOptions = cfg.podman.extraOptions;
  };

}
# vim: set et ts=2 sw=2 ai: