{ config, lib, pkgs, ... }:

with lib;
let
  hostname = config.instance.hostname;
  secrets = config.fudo.secrets.host-secrets.${hostname};
  
in {
  config = {
    fudo = {
      jabber = {
        enable = true;

        secret-files = {
          LDAP_PASSWORD = secrets.jabber-ldap-password.target-file;
        };

        sites = {
          "fudo.im" = {
            site-config = {
              auth_method = "ldap";
              ldap_servers = [ "auth.fudo.org" ];
              ldap_port = 389;
              ldap_rootdn = "cn=jabber,dc=fudo,dc=org";
              ldap_password = ''"LDAP_PASSWD"'';
              ldap_base = "ou=members,dc=fudo,dc=org";
              ldap_filter = "(objectClass=posixAccount)";
              ldap_uids = { uid = "%u"; };

              modules = {
                mod_adhoc = {};
                mod_announce = {};
                mod_avatar = {};
                mod_blocking = {};
                mod_caps = {};
                mod_carboncopy = {};
                mod_client_state = {};
                mod_configure = {};
                mod_disco = {};
                mod_fail2ban = {};
                mod_last = {};
                mod_offline = {
                  access_max_user_messages = 5000;
                };
                mod_ping = {};
                mod_privacy = {};
                mod_private = {};
                mod_pubsub = {
                  access_createnode = "pubsub_createnode";
                  ignore_pep_from_offline = true;
                  last_item_cache = false;
                  plugins = [
                    "flat"
                    "pep"
                  ];
                };
                mod_roster = {};
                mod_stream_mgmt = {};
                mod_time = {};
                mod_vcard = {
                  search = false;
                };
                mod_vcard_xupdate = {};
                mod_version = {};
              };
            };
          };

          "backplane.fudo.org" = {
            site-config = {
              auth_method = "external";
              extauth_program = "${pkgs.guile}/bin/guile -s ${backplane-auth}";
              extauth_pool_size = 3;
              auth_use_cache = true;

              modules = {
                mod_adhoc = {};
                mod_caps = {};
                mod_carboncopy = {};
                mod_client_state = {};
                mod_configure = {};
                mod_disco = {};
                mod_fail2ban = {};
                mod_last = {};
                mod_offline = {
                  access_max_user_messages = 5000;
                };
                mod_ping = {};
                mod_pubsub = {
                  access_createnode = "pubsub_createnode";
                  ignore_pep_from_offline = true;
                  last_item_cache = false;
                  plugins = [
                    "flat"
                    "pep"
                  ];
                };
                mod_roster = {};
                mod_stream_mgmt = {};
                mod_time = {};
                mod_version = {};
              };
              
            };
          };
        };
      };
    };
  };
}