{ config, lib, pkgs, ... }:

let cfg = config.sydnix.syncthing;
in {
  options.sydnix.syncthing = {
    enable = lib.mkEnableOption "Syncthing";
    includeDevices = lib.mkOption {
      type =
        lib.types.listOf
          (lib.types.enum (builtins.attrNames cfg.devices));
      default = [];
      description = ''
        A list of device names to sync with.  See the read-only option
        `sydnix.syncthing.devices` for the concrete details.
      '';
    };
    devices = lib.mkOption {
      # This should generally be in sync with modules/home/syncthing.nix.
      default = {
        "guix-rebound".id =
          "Q5B6LIV-5HQMWWV-XFQL5IT-PHP7PVE-XFWUVHK-F6WJ42C-OPMR4M7-GFNK3AG";
        "deertopia".id =
          "OO6XGGQ-SORH6XW-YEMN3T3-CSW5QOO-2IRB2QE-NZOL6JE-RAV36GS-WZXXLQV";
        "nixos-testbed".id =
          "BO3AESA-LBKMZW7-QFE7NTT-GF62DOA-PYUACYU-HNTNYI5-EMF6PAN-TR6YHAL";
        "sydpc".id =
          "XROSJRC-SLAAOTG-L3HQ5TT-WAKL5PJ-QAIFJEY-FUG5AAO-5ACBTA3-MGQQFQI";
      };
      readOnly = true;
      description = ''
        The read-only 'universe' of devices available.  A subset of these
        devices — those named by `sydnix.syncthing.includeDevices` — will be
        handed to Syncthing's module.  This should generally match the option of
        the same name in the NixOS module, `sydnix.syncthing.devices`.
      '';
    };
    directories = lib.mkOption {
      type = lib.types.anything;
      default = {};
      description = ''
        Directly handed to `services.syncthing.settings.folders`.
      '';
    };
  };

  config = lib.mkIf cfg.enable {

    # TODO: sydnix.syncthing module
    sydnix.impermanence.directories =
      let xdg-state-dir = 
            config.home.statehome
              or "${config.home.homeDirectory}/.local/state";
      in [
        # HACK: This relies on behaviour that is not explicitly defined by the
        # Syncthing Home-manager module.  We have to trust that $XDG_STATE_DIR,
        # at the time of syncthing.service's start, does not differ from this
        # value defined in Nix.  Perhaps a PR to home-manager adding an option
        # `services.syncthing.stateDir` would be good.
        #
        # If Syncthing ever breaks, make sure they didn't start using a different path:
        # https://github.com/nix-community/home-manager/blob/master/modules/services/syncthing.nix
        #
        # Evidence for using this path is found at: (permalink)
        # https://github.com/nix-community/home-manager/blob/6d3163aea47fdb1fe19744e91306a2ea4f602292/modules/services/syncthing.nix#L624
        
        # Hack aside, this directory must be persisted to, at least
        #  1. Preserve the device ID.
        (lib.removePrefix config.home.homeDirectory "${xdg-state-dir}/syncthing")
      ];

    services.syncthing = {
      enable = true;
      overrideDevices = true;
      overrideFolders = true;
      settings = {
        gui = {
          # TODO: Figure out how to read credentials from a file.
          # tls = true;
          user = "lain";
          password = "my-awesome-password";
        };
        devices =
          lib.filterAttrs
            (k: _v: builtins.elem k cfg.includeDevices)
            cfg.devices;
        folders = cfg.directories;
      };
    };
  };
}