# Auto-generated using compose2nix v0.3.3-pre.
{
  pkgs,
  lib,
  config,
  ...
}:

{
  # Runtime
  virtualisation.podman = {
    enable = true;
    autoPrune.enable = true;
    dockerCompat = true;
  };

  # Enable container name DNS for all Podman networks.
  networking.firewall.interfaces =
    let
      matchAll = if !config.networking.nftables.enable then "podman+" else "podman*";
    in
    {
      "${matchAll}".allowedUDPPorts = [ 53 ];
    };

  virtualisation.oci-containers.backend = "podman";

  # Containers
  virtualisation.oci-containers.containers."3xui_app" = {
    image = "localhost:7443/compose2nix/3xui_app";
    environment = {
      "XRAY_VMESS_AEAD_FORCED" = "false";
      "XUI_ENABLE_FAIL2BAN" = "true";
    };
    volumes = [
      "/mnt/containers/3x-ui/cert/:/root/cert:rw"
      "/mnt/containers/3x-ui/db/:/etc/x-ui:rw"
    ];
    log-driver = "journald";
    extraOptions = [
      "--network=host"
    ];
  };
  systemd.services."podman-3xui_app" = {
    serviceConfig = {
      Restart = lib.mkOverride 90 "always";
    };
    partOf = [
      "podman-compose-3x-ui-root.target"
    ];
    wantedBy = [
      "podman-compose-3x-ui-root.target"
    ];
  };

  # Builds
  systemd.services."podman-build-3xui_app" = {
    path = [
      pkgs.podman
      pkgs.git
    ];
    serviceConfig = {
      Type = "oneshot";
      TimeoutSec = 300;
    };
    script = ''
      cd /mnt/containers/3x-ui
      podman build -t compose2nix/3xui_app -f ./Dockerfile .
    '';
  };

  # Root service
  # When started, this will automatically create all resources and start
  # the containers. When stopped, this will teardown all resources.
  systemd.targets."podman-compose-3x-ui-root" = {
    unitConfig = {
      Description = "Root target generated by compose2nix.";
    };
    wantedBy = [ "multi-user.target" ];
  };
}