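# Option declarations for a host's WireGuard interface.
#
# This module only declares options under `wireguard.*`. Nothing in this file
# creates an interface, opens a firewall port or sets up NAT; the module that
# consumes these values is not visible here.
#
# Security notes for whoever sets or consumes these options:
#   * Every value declared here ends up in the Nix store, which is readable by
#     all local users. That is fine for `publicKey`, but a private key or
#     preshared key must never be added as a plain string option. Supply those
#     as a path to a file provisioned outside the store.
#   * `allowedIPs` widens the set of source addresses accepted from a peer
#     (WireGuard uses AllowedIPs both for routing and as a source filter), so
#     keep the entries as narrow as the deployment allows.
#
# NOTE(review): `nodes` is presumably injected by the deployment tool, and
# `builtins` is named as a module argument although it is not used in this
# file (naming it shadows the global `builtins` inside this function).
# Both are kept so the module signature stays unchanged. Confirm against the
# callers before removing either.
{ config, lib, pkgs, nodes, builtins, ... }:

with lib;

{
  options = {
    wireguard = {
      enable = mkOption {
        type = types.bool;
        description = "Enable wireguard";
        # Off unless a host opts in; without a default, reading the option on
        # a host that never set it aborts evaluation.
        default = false;
      };

      roaming = mkOption {
        type = types.bool;
        description = "Deploy roaming peers to this host";
        default = false;
      };

      port = mkOption {
        # types.port restricts the value to 0-65535, so an out-of-range port
        # fails at evaluation time rather than at interface bring-up.
        type = types.port;
        description = "Port of the wireguard interface (51820)";
        default = 51820;
      };

      publicKey = mkOption {
        type = types.str;
        # Public half only: safe to keep in the world-readable store.
        description = "Public key of the wireguard interface";
      };

      natInterface = mkOption {
        type = types.str;
        description = "Interface to use for outgoing NAT connections";
        # NOTE(review): "eth0" does not exist on hosts using predictable
        # interface names. Hosts that rely on NAT should set this explicitly.
        default = "eth0";
      };

      v4 = {
        address = mkOption {
          type = types.str;
          description = "IP of the wireguard interface (10.10.0.1)";
        };

        network = mkOption {
          type = types.str;
          # NOTE(review): the example is a bare network address, with the
          # prefix length carried by `prefixLength` below. Confirm that the
          # consumer combines the two.
          description = "The Network CIDR of the wireguard network (10.10.0.0)";
        };

        prefixLength = mkOption {
          # An IPv4 prefix length is only meaningful in 0-32.
          type = types.ints.between 0 32;
          description = "Prefix Length of the wireguard interface IP (24)";
          default = 24;
        };
      };

      v6 = {
        address = mkOption {
          type = types.str;
          description = "IPv6 address of the wireguard interface";
        };

        prefixLength = mkOption {
          # An IPv6 prefix length is only meaningful in 0-128.
          type = types.ints.between 0 128;
          # The example now matches the default. It previously said 24,
          # copied from the v4 option.
          description = "Prefix Length of the wireguard interface IP (64)";
          default = 64;
        };

        ula = mkOption {
          type = types.str;
          description = "Unique Local Allocation for IPv6 net";
        };

        gua = mkOption {
          type = types.str;
          description = "Global Unique Allocation for IPv6 net, used as base for hosts";
        };
      };

      allowedIPs = mkOption {
        type = types.listOf types.str;
        # Each entry extends the address ranges accepted from and routed to a
        # peer. Avoid catch-all ranges unless full-tunnel routing is intended.
        description = "Extra allowedIPs";
        default = [ ];
      };
    };
  };
}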