{ config, pkgs, lib, ... }:
  with lib;
  let
    cfg = config.services.skynet_games_minecraft;
  in {

  imports = [
    ../firewall.nix
    ../dns.nix

    ../acme.nix
    ../nginx.nix
  ];

  options.services.skynet_games_minecraft = {
    enable = mkEnableOption "Skynet Games Minecraft";

    host = {
      ip = mkOption {
        type = types.str;
      };

      name = mkOption {
        type = types.str;
      };
    };

    domain = {
      tld = mkOption {
        type = types.str;
        default = "ie";
      };

      base = mkOption {
        type = types.str;
        default = "skynet";
      };

      sub = mkOption {
        type = types.str;
        default = "minecraft.games";
      };
    };
  };

  config = mkIf cfg.enable {
    skynet_firewall.forward = [
      "ip daddr ${cfg.host.ip} tcp dport 80 counter packets 0 bytes 0 accept"
      "ip daddr ${cfg.host.ip} tcp dport 443 counter packets 0 bytes 0 accept"
      "ip daddr ${cfg.host.ip} tcp dport 25565 counter packets 0 bytes 0 accept"
    ];

    skynet_dns.records = {
      external = [];
      cname = [
        # create a sub-subdomain for each game
        "compsoc_classic.${cfg.domain.sub}  CNAME   ${cfg.host.name}"
                "compsoc.${cfg.domain.sub}  CNAME   ${cfg.host.name}"

    "map.compsoc_classic.${cfg.domain.sub}  CNAME   ${cfg.host.name}"
                #"compsoc.minecraft.games  CNAME   games"
      ];
    };

    networking.firewall.allowedTCPPorts = [
      # for the proxy
      25565

      # the servers
      20000

      20001
    ];

    services.nginx.virtualHosts."compsoc_classic.${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" = {
      forceSSL = true;
      useACMEHost = "skynet";
      locations."/map/".alias = "/etc/games/minecraft/compsoc/classic/config/plugins/dynmap/web/";
    };

    # arion is one way to use docker on nixos
    # see https://gitlab.com/c2842/computer_society/nixos/-/blob/733b867f4782afa795848135a83e97a5cafaf16a/applications/games/minecraft.nix
    # for an example of a single compose file with multiple services
    virtualisation.arion = {
      backend = "docker";
      projects = {

        minecraft_proxy.settings.services.mc_proxy.service = {
          image = "itzg/mc-router:1.18.0";
          ports = [ "25565:25565/tcp" ];
          expose = [ "25565" ];
          command = [
            "--mapping=compsoc_classic.minecraft.games.skynet.ie=172.17.0.1:20000,compsoc.minecraft.games.skynet.ie=172.17.0.1:20001"
          ];
        };

        minecraft_compsoc_classic.settings.services.compsoc_classic.service = {
          image = "nimmis/spigot:latest";
            # setting these here as they arent special
            environment = {
              # this is what it last ran on
              SPIGOT_VER="1.18.2";
              EULA="true";
            };

            # where the config files are stored
            volumes = [  "/etc/games/minecraft/compsoc/classic/config:/minecraft" ];

            ports = [
              "20000:25565/tcp"
            ];
        };

        minecraft_compsoc.settings.services.compsoc_test.service = {
          image = "nimmis/spigot:latest";
          environment = {
            # this is what it last ran on
            SPIGOT_VER="1.18.2";
            EULA="true";
          };

          # where the config files are stored
          volumes = [ "/etc/games/minecraft/compsoc/current/config:/minecraft" ];

          ports = [
            "20001:25565/tcp"
          ];
        };
      };
    };
  };
}