{ config, pkgs, ... }:

{
  systemd.services.numbus-activation-chowned = {
    description = "Numbus-Server activation : Correct permissions";
    wantedBy = [ "multi-user.target" "traefik.service" ];
    after = [ "network.target" "local-fs.target" ];
    path = [ pkgs.coreutils ];
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    script = ''
      #!/usr/bin/env bash

      if [[ -e /home/numbus-admin/.numbus-server/chowned.true ]]; then
        exit 0
      fi

      mkdir -p /mnt/config/ /mnt/data/ /mnt/data/nextcloud/ 
      mkdir -p /home/numbus-admin/.numbus-server/
      chown -R numbus-admin:users /mnt/config/
      chown -R numbus-admin:users /mnt/data/
      chown -R 100032:users /mnt/data/nextcloud/
      chown -R numbus-admin:users /home/numbus-admin/.numbus-server/

      touch /home/numbus-admin/.numbus-server/chowned.true
    '';
  };

  systemd.services.numbus-activation-networked = {
    description = "Numbus-Server activation : Create podman networks";
    wantedBy = [ "multi-user.target" "traefik.service" ];
    before = [ "traefik.service" ];
    after = [ "network.target" "local-fs.target" "numbus-activation-chowned.service" ];
    path = [ pkgs.podman pkgs.coreutils ];
    serviceConfig = {
      User = "numbus-admin";
      Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
      Type = "oneshot";
      RemainAfterExit = true;
    };
    script = ''
      #!/usr/bin/env bash

      export PATH=$PATH:/run/wrappers/bin

      if [[ -e /home/numbus-admin/.numbus-server/networked.true ]]; then
        exit 0
      fi

PODMAN_NETWORKS
      mkdir -p /home/numbus-admin/.numbus-server/
      touch /home/numbus-admin/.numbus-server/networked.true
    '';
  };
}