# NixOS module: runs the Discord auto-delete bot as an OCI container whose
# systemd unit is executed by a dedicated system account instead of root.
{ config, pkgs, ... }:
let
  svc = "discord-autodelete";
  uid = 989;
  gid = 5638;

  # Host-side state directory; also the service account's home.
  stateDir = "/var/lib/${svc}";

  # The oci-containers unit is named "<backend>-<container name>".
  unit = "${config.virtualisation.oci-containers.backend}-${svc}";
in
{
  # Bot configuration is stored encrypted in the repo and decrypted by agenix.
  # NOTE(review): no owner/group/mode is set here, so the agenix defaults
  # apply, while the unit below runs as the service account. Confirm the
  # process inside the container can actually read the mounted file, and
  # grant access to this one account rather than loosening the mode.
  age.secrets.discord-autodelete-config.file = ../../secrets/discord-autodelete-config.age;

  # Dedicated account with fixed ids. The subordinate id ranges give it a
  # private range to map container users into (user-namespaced containers).
  users.users.${svc} = {
    inherit uid;
    isSystemUser = true;
    group = svc;
    home = stateDir;
    subUidRanges = [ { startUid = 200000; count = 65536; } ];
    subGidRanges = [ { startGid = 200000; count = 65536; } ];
  };
  users.groups.${svc} = { inherit gid; };

  # NOTE(review): presumably needed by the container runtime when it runs
  # under a non-root user; confirm, and drop if it is not required.
  services.dbus.enable = true;
  environment.systemPackages = [ pkgs.dbus ];

  systemd = {
    # State directories are 0700 and owned by the service account, so other
    # local users cannot read the bot's data.
    tmpfiles.rules = map (dir: "d ${dir} 0700 ${svc} ${toString gid}") [
      stateDir
      "${stateDir}/data"
    ];

    # Run the generated container unit as the unprivileged account.
    services.${unit}.serviceConfig.User = svc;
  };

  virtualisation.oci-containers.containers.${svc} = {
    # NOTE(review): the image has no registry, tag or digest, so each pull
    # resolves a mutable reference and the code that runs (with the bot
    # token mounted below) can change without a change to this file.
    # Prefer pinning, e.g. "<registry>/ksurl/autodelete-discord@sha256:<digest>".
    image = "ksurl/autodelete-discord";
    autoStart = true;
    user = "${svc}:${svc}";

    # NOTE(review): with no host address the port is published on every
    # interface. If only local access is needed, bind it to loopback
    # ("127.0.0.1:5638:5638") and check the host firewall either way.
    ports = [ "5638:5638" ];

    volumes = [
      "${stateDir}/data:/${svc}/data"
      # NOTE(review): the decrypted secret is bind-mounted without ":ro";
      # a read-only mount would keep the container from altering it.
      "${config.age.secrets.discord-autodelete-config.path}:/${svc}/config.yml"
    ];
  };
}