{ config, pkgs, lib, ... }:
let
  domain = "ha.home.feal.no";
in {
  # Home-assistant - Smart Home Controller
  # https://www.home-assistant.io/installation/linux#install-home-assistant-container
  # The container is supposed to run as "privileged", but I believe this is only to allow device access (dongles/radios/etc.)

  virtualisation.oci-containers.containers = {
    homeassistant = {
      image = "ghcr.io/home-assistant/home-assistant:2024.1";
      extraOptions = [
        "--network=host"
        "--device=/dev/ttyUSB0" # Sonoff Zigbee 3.0 USB
      ];
      volumes = [
        "/tank/services/homeassistant/config:/config"
      ];
      environment = {
        TZ = "Europe/Oslo";
      };
    };
  };

  # Requires addition to configuration.yaml:
  #  http:
  #    server_host: 127.0.0.1
  #    use_x_forwarded_for: true
  #    trusted_proxies: 127.0.0.1
  services.nginx.virtualHosts."${domain}" = {
    locations."/" = {
      proxyPass = "http://127.0.0.1:8123";
      proxyWebsockets = true;
    };
    listen = [
      { addr = "192.168.10.175"; port = 80; ssl = false; }
      { addr = "192.168.10.175"; port = 8123; ssl = false; }
    ];
  };
}