{ config, pkgs, ... }:

let
  container_name = "immich";
  compose-dir = "docker-compose/immich";
  config-dir = "/mnt/config-storage/docker-data/immich";
in

{
  config = {
    environment.etc."${compose-dir}/compose.yaml".text =
      /*
      yaml
      */
      ''
        services:
          immich-server:
            image: ghcr.io/immich-app/immich-server:$IMMICH_VERSION
            container_name: immich-server
            networks:
              immich_frontend:
              immich_backend:
            volumes:
              - $UPLOAD_LOCATION:/data
              - /etc/localtime:/etc/localtime:ro
            # --- immich devices --- #
            labels:
              - traefik.enable=true
              - traefik.http.services.immich.loadbalancer.server.port=2283
              - traefik.http.services.immich.loadbalancer.server.scheme=http
              - traefik.http.routers.immich-https.entrypoints=websecure
              - traefik.http.routers.immich-https.rule=Host(`immich.$DOMAIN_NAME`)
              - traefik.http.routers.immich-https.tls=true
              - traefik.http.routers.immich-https.tls.certresolver=cloudflare
            env_file:
              - .env
            depends_on:
              - immich-redis
              - immich-database
            restart: always
            healthcheck:
              disable: false

          immich-machine-learning:
            container_name: immich-machine-learning
            image: ghcr.io/immich-app/immich-machine-learning:$IMMICH_VERSION
            networks:
              immich_backend:
            volumes:
              - ${config-dir}/models:/cache
            env_file:
              - .env
            restart: always
            healthcheck:
              disable: false

          immich-redis:
            container_name: immich-redis
            image: docker.io/valkey/valkey:8-bookworm@sha256:a137a2b60aca1a75130022d6bb96af423fefae4eb55faf395732db3544803280
            networks:
              immich_backend:
            healthcheck:
              test: redis-cli ping || exit 1
            restart: always

          immich-database:
            container_name: immich-database
            image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:32324a2f41df5de9efe1af166b7008c3f55646f8d0e00d9550c16c9822366b4a
            networks:
              immich_backend:
            shm_size: 128mb
            volumes:
              # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
              - $DB_DATA_LOCATION:/var/lib/postgresql/data
            environment:
              POSTGRES_PASSWORD: $DB_PASSWORD
              POSTGRES_USER: $DB_USERNAME
              POSTGRES_DB: $DB_DATABASE_NAME
              POSTGRES_INITDB_ARGS: '--data-checksums'
            restart: always
            healthcheck:
              disable: false

        networks:
          immich_backend:
            external: true
          immich_frontend:
            external: true
      '';

    systemd.services.immich = {
      description = "Docker container : ${container_name}";
      after = [ "network.target" "docker.service" "docker.socket" "traefik.service" ];
      requires = [ "docker.service" ];
      wantedBy = ["multi-user.target"];
      path = [ pkgs.docker ];

      serviceConfig = {
        Type = "exec";
        # Pull the latest image before running
        ExecStartPre = "${pkgs.docker}/bin/docker compose -f /etc/${compose-dir}/compose.yaml pull";
        # Bring the service up
        ExecStart = "${pkgs.docker}/bin/docker compose -f /etc/${compose-dir}/compose.yaml up --remove-orphans";
        # Take it down gracefully
        ExecStop = "${pkgs.docker}/bin/docker compose -f /etc/${compose-dir}/compose.yaml down";

        Restart = "on-failure";
      };
    };
  };
}