{ config, ... }:
let makeNetworkConfig = host: port: join: secret: {
  content = ''
    sasl-plain = prescientmoon:${config.sops.placeholder.${secret}}
    host = ${host}
    port = ${toString port}
    join = ${join}
  '';
  owner = config.services.pounce.user;
};
in
{
  security.acme.certs."wildcard-irc.moonythm.dev" = {
    group = "pounce";
    domain = "*.irc.moonythm.dev";
  };

  sops.secrets.tilde_irc_pass.sopsFile = ../secrets.yaml;
  sops.templates."pounce-tilde.cfg" = makeNetworkConfig "eu.tilde.chat" 6697 "#meta" "tilde_irc_pass";
  # services.pounce = {
  #   enable = true;
  #   externalHost = "irc.moonythm.dev";
  #   certDir = "/var/lib/acme/wildcard-irc.moonythm.dev";
  #   networks.tilde.config = config.sops.templates."pounce-tilde.cfg".path;
  # };
}