{ config, lib, pkgs, ... }:
let
  cfg = config.sbruder.mailserver;

  mkConfigFile = domain: pkgs.writeText "config-v1.1.xml" ''
    <?xml version="1.0" encoding="UTF-8"?>
    <clientConfig version="1.1">
      <emailProvider id="${lib.escapeXML domain}">
        <domain>${lib.escapeXML domain}</domain>
        <displayName>${lib.escapeXML domain}</displayName>
        <displayShortName>${lib.escapeXML domain}</displayShortName>
        <incomingServer type="imap">
          <hostname>${lib.escapeXML cfg.fqdn}</hostname>
          <port>993</port>
          <socketType>SSL</socketType>
          <authentication>password-cleartext</authentication>
          <username>%EMAILADDRESS%</username>
        </incomingServer>
        <outgoingServer type="smtp">
          <hostname>${lib.escapeXML cfg.fqdn}</hostname>
          <port>465</port>
          <socketType>SSL</socketType>
          <authentication>password-cleartext</authentication>
          <username>%EMAILADDRESS%</username>
        </outgoingServer>
      </emailProvider>
    </clientConfig>
  '';
in
{
  options.sbruder.mailserver.autoconfig = {
    enable = lib.mkEnableOption "autoconfiguration of compatible clients. Requires autoconfig.<domain> to exist for all specified domains";
  };

  config = lib.mkIf cfg.enable {
    services.nginx = lib.mkIf cfg.autoconfig.enable {
      enable = true;
      virtualHosts = lib.listToAttrs (map
        (domain: lib.nameValuePair "autoconfig.${domain}" {
          enableACME = true;
          forceSSL = true;

          locations."=/mail/config-v1.1.xml".alias = mkConfigFile domain;
        })
        cfg.domains);
    };
  };
}