{ config, lib, ... }:
let
  domain = "freun.dev";
  fqdn = "social.${domain}";
  port = 3500;
in
{
  services.gotosocial = {
    enable = true;
    environmentFile = "/var/secrets/gotosocial.env";
    settings = {
      host = "social.freun.dev";
      account-domain = "freun.dev";
      protocol = "https";
      bind-address = "localhost";
      instance-languages = [ "de" "fi" "en" ];
      instance-inject-mastodon-version = true;
      accounts-registration-open = true;
      instance-expose-public-timeline = true;
      letsencrypt-enabled = false;
      smtp-host = "horologium.uberspace.de";
      smtp-port = 587;
      smtp-username = "noreply@freun.dev";
      smtp-from = "noreply@freun.dev";
      inherit port;
    };
    setupPostgresqlDB = true;
  };

  modules.webserver.vHosts = {
    ${domain}.locations = lib.listToAttrs (
      lib.map
        (path: {
          name = "/.well-known/${path}";
          value.extraConfig = ''
            rewrite ^.*$ https://${fqdn}/.well-known/${path} permanent;
          '';
        }) [
        "host-meta"
        "webfinger"
        "nodeinfo"
      ]
    );

    "${fqdn}".locations."/".proxyPort = port;
  };
}