{ config, pkgs, lib, ... }:
with lib;
let
  makeBackup = pkgs.writeScript "make-backupdl" ''
    #!${pkgs.bash}/bin/bash

    set -e

    export PATH=${pkgs.rsync}/bin:${pkgs.openssh}/bin

    FILENAME=backup-`${pkgs.coreutils}/bin/date +%F`.tar.bz2.gpg

    ssh nixbld.m-labs.hk mlabs-backup > /hdd/backupdl/backupdl/$FILENAME
    rsync -az nixbld.m-labs.hk:/var/lib/nextcloud/data /hdd/backupdl/nextcloud
  '';

  cfg = config.services.backupdl;
in
{
  options.services.backupdl = {
    enable = mkOption {
      type = types.bool;
      default = false;
      description = "Enable backups";
    };
  };

  config = mkIf cfg.enable {
    systemd.services.backupdl = {
      description = "Nixbld backups download";
      serviceConfig = {
        Type = "oneshot";
        User = "backupdl";
        Group = "backupdl";
        ExecStart = "${makeBackup}";
      };
    };

    users.users.backupdl = {
      name = "backupdl";
      group = "backupdl";
      description = "Nixbld backups download";
      isSystemUser = true;
      createHome = true;
      home = "/hdd/backupdl";
      useDefaultShell = true;
    };
    users.extraGroups.backupdl = {};

    systemd.timers.backupdl = {
      description = "Nixbld backups download";
      wantedBy = [ "timers.target" ];
      timerConfig.OnCalendar = "wednesday,sunday *-*-* 08:00:00";
    };
  };
}