# NixOS module declaring the `sydnix.impermanence` options and, when enabled,
# wiring them into a persistence group, a tmpfiles rule for the persist
# directory, FUSE's allow_other setting and `environment.persistence`.
{ config, lib, pkgs, ... }:

let
  inherit (lib) mkEnableOption mkIf mkOption types;

  cfg = config.sydnix.impermanence;
in
{
  imports = [ ./impermanence/rollback.nix ];

  options.sydnix.impermanence = {
    enable = mkEnableOption "Impermanence";

    # Handed unchanged to `environment.persistence` below. `anything` means
    # this module does not type-check the entries itself.
    directories = mkOption {
      type = types.listOf types.anything;
      default = [];
    };

    # Same pass-through as `directories`, for individual files.
    files = mkOption {
      type = types.listOf types.anything;
      default = [];
    };

    persistDirectory = mkOption {
      default = "/persist";
      type = types.str;
      description = ''
        The directory in which persistent files live.
      '';
    };

    persistGroupName = mkOption {
      default = "persist";
      type = types.str;
      description = ''
        Name of the group whose members have access to the persist directory.
      '';
    };
  };

  config = mkIf cfg.enable {
    # Declare the group named by `cfg.persistGroupName`.
    users.groups.${cfg.persistGroupName}.name = cfg.persistGroupName;

    # Hand `cfg.persistDirectory` to that group. Mode 2775 = setgid bit plus
    # rwx for owner and group and r-x for everyone else, so users outside the
    # group can still list and traverse the directory. The `z` rule type is
    # non-recursive: only this top-level path is adjusted, not what is below.
    # NOTE(review): anything sensitive kept under the persist directory has to
    # be protected by its own permissions - confirm that is intended.
    systemd.tmpfiles.settings."10-persist".${cfg.persistDirectory}.z = {
      group = cfg.persistGroupName;
      mode = "2775";
    };

    # TODO: Move this somewhere else.
    # System-wide setting: lets non-root users pass `allow_other` on their own
    # FUSE mounts, which makes those mounts reachable by other local users.
    # NOTE(review): presumably needed for per-user persistence mounts - confirm
    # before leaving it enabled for every host that turns this module on.
    programs.fuse.userAllowOther = true;

    # Persisted state lives in the `root` subdirectory of the persist
    # directory. `environment.persistence` is not declared in this file;
    # presumably it comes from a persistence module imported elsewhere.
    environment.persistence."${cfg.persistDirectory}/root" = {
      inherit (cfg) directories files;
    };
  };
}