{ pkgs, inputs, config, ... }:
let
  fqdn = "ws.freun.dev";
  port = 3344;
  workout-sync = inputs.workout-sync.packages.${pkgs.system}.default;
in
{
  systemd.services.workout-sync = {
    enable = true;
    description = "Workout sync service";
    environment = {
      PORT = toString port;
      WORKOUT_TRACKER_URL = "http://localhost:${toString config.services.workout-tracker.port}";
    };
    serviceConfig = {
      ExecStart = "${workout-sync}/bin/workout-sync";
      Restart = "always";
      DynamicUser = true;
      EnvironmentFile = "/var/secrets/workout-sync.env";
    };
    wantedBy = [ "multi-user.target" ];
    confinement.enable = true;
  };

  modules.webserver.vHosts.${fqdn}.locations."/".proxyPort = port;
}