{ config, ... }:
let
  fqdn = "social.freun.dev";
  port = 3500;
in
{
  services.gotosocial = {
    enable = true;
    environmentFile = "/var/secrets/gotosocial.env";
    settings = {
      host = "social.freun.dev";
      account-domain = "freun.dev";
      protocol = "https";
      bind-address = "localhost";
      instance-languages = [ "de" "fi" "en" ];
      instance-inject-mastodon-version = true;
      accounts-registration-open = true;
      instance-expose-public-timeline = true;
      letsencrypt-enabled = false;
      smtp-host = "horologium.uberspace.de";
      smtp-port = 587;
      smtp-username = "noreply@freun.dev";
      smtp-from = "noreply@freun.dev";
      inherit port;
    };
    setupPostgresqlDB = true;
  };

  services.caddy.virtualHosts = {
    "freun.dev".extraConfig = ''
      redir /.well-known/host-meta* https://${fqdn}{uri} permanent
      redir /.well-known/webfinger* https://${fqdn}{uri} permanent
      redir /.well-known/nodeinfo* https://${fqdn}{uri} permanent
    '';

    "${fqdn}".extraConfig = ''
      reverse_proxy localhost:${toString config.services.gotosocial.settings.port} {
        flush_interval -1
      }
    '';
  };
}