{ config, pkgs, lib, ... }:

with lib;

let
  # Container config
  name = "it-tools";
  # Version tagging
  it-toolsVersion = "2024.10.22-7ca5933";
  # Helper
  helper = import ../service-helper.nix { inherit config pkgs lib; };
  cfg = config.numbus-server.services.it-tools;
in

helper.mkPodmanService {
  inherit name;
  description = "IT-tools, useful tools when doing IT";
  pod = "false";
  defaultPort = "8880";
  configDirEnabled = false;
  dataDirEnabled = false;
  middlewares = [
    "secureHeaders"
  ];

# Compose file good
  composeText = ''
    services:
      it-tools:
        image: docker.io/corentinth/it-tools:${it-toolsVersion}
        container_name: it-tools
        hostname: it-tools
        user: '1000:1000'
        networks:
          it-tools:
            ipv4_address: 10.89.200.253
        ports:
          - "${cfg.port}:80/tcp"
        security_opt:
          - no-new-privileges:true
        cap_drop:
          - NET_RAW
        restart: unless-stopped

        networks:
          it-tools:
            driver: bridge
            name: it-tools
            ipam:
              config:
                - subnet: "10.89.200.0/24"
                  gateway: "10.89.200.254"
  '';
}