/*

  Name:     https://en.wikipedia.org/wiki/Skynet_(Terminator)
  Why:      Skynet is eternal
  Type:     VM
  Hardware: -
  From:     2023
  Role:     Webserver and member linux box
  Notes:    Does not host offical sites

*/

{ pkgs, lib, nodes, inputs,  ... }:
let
  name      = "skynet";
  # DMZ that ITD provided
  ip_pub    = "193.1.96.165";
  hostname  = "${name}.skynet.ie";

in {
  imports = [
    #../applications/skynet.ie.nix
  ];

  deployment = {
    targetHost = ip_pub;
    targetPort = 22;
    targetUser = "root";

    tags = [ "active-core" ];
  };

  # it has two network devices so two
  skynet_dns.records = [
    {record=name;   r_type="A";   value=ip_pub;  server=true;}
    {record=ip_pub; r_type="PTR"; value=hostname;}
  ];

  services.skynet_backup.host = {
    ip = ip_pub;
    name = name;
  };

  # allow more than admins access
  services.skynet_ldap_client = {
    groups = [
      "skynet-admins-linux"
      "skynet-users-linux"
    ];
  };

  proxmoxLXC.manageNetwork = true;
  networking = {
    hostName = name;
    # needed to use the dmz first
    defaultGateway = lib.mkForce "193.1.96.161";

    interfaces.eth1.ipv4.addresses = [
      {
        address = ip_pub;
        prefixLength = 28;
      }
    ];
  };

#  services.skynet = {
#    host = {
#      # website is still hosted on the internal IP
#      ip = ip_priv;
#      name = name;
#    };
#  };
}