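# NixOS module for Inquisitor: builds the package from a pinned GitHub
# revision, writes its config file to the nix store, installs an `inq`
# wrapper for all users, and runs the server as a dedicated system user.
{pkgs, ...}: let
  # Import the inquisitor package. The source is pinned by commit (rev) and by
  # content hash (sha256), so a changed upstream tarball fails the fetch
  # instead of being built silently.
  inquisitorSource = pkgs.fetchFromGitHub {
    owner = "Jaculabilis";
    repo = "Inquisitor";
    rev = "9001bd8f920cc120f38e998d63a8134969a00032";
    sha256 = "0nx1dszvmn6a86jhj3c9607jqy0bmijjjz3jb3v5lsnpwwkjs5w6";
  };
  inquisitor = pkgs.callPackage inquisitorSource {};

  # Create the inquisitor config file in the nix store.
  # NOTE(review): LogFile points into /var/log, and nothing in this module
  # makes that path writable for the inquisitor user. Confirm how inquisitor
  # behaves when it cannot open the log file.
  inquisitorConfig = pkgs.writeTextFile {
    name = "inquisitor.conf";
    text = ''
      DataPath = /var/lib/inquisitor/data/
      SourcePath = /var/lib/inquisitor/sources/
      CachePath = /var/lib/inquisitor/cache/
      Verbose = false
      LogFile = /var/log/inquisitor.log
    '';
  };

  # Create the inquisitor run script
  # TODO gunicorn
  # Every preparation step aborts the script on failure, so the server never
  # starts against a partially created directory tree or from the wrong
  # working directory.
  inquisitorRun = pkgs.writeShellScriptBin "run.sh" ''
    # Ensure inquisitor directories and inquisitor source folder
    ${pkgs.coreutils}/bin/mkdir -p /var/lib/inquisitor/data/inquisitor/ || exit
    ${pkgs.coreutils}/bin/mkdir -p /var/lib/inquisitor/sources/ || exit
    ${pkgs.coreutils}/bin/mkdir -p /var/lib/inquisitor/cache/ || exit
    if [ ! -f /var/lib/inquisitor/data/inquisitor/state ]; then
      ${pkgs.coreutils}/bin/echo "{}" > /var/lib/inquisitor/data/inquisitor/state || exit
    fi

    # Run inquisitor
    cd /var/lib/inquisitor/ || exit
    INQUISITOR_CONFIG=${inquisitorConfig} ${inquisitor}/bin/inquisitor run
  '';

  # Create a wrapper script that always passes the store-managed config.
  # The wrapper runs with the privileges of whoever invokes it; it does not
  # switch to the inquisitor user.
  inquisitorWrapper = pkgs.writeShellScriptBin "inq" ''
    INQUISITOR_CONFIG=${inquisitorConfig} ${inquisitor}/bin/inquisitor "$@"
  '';
in {
  # Create a user for the service. The group is set explicitly so the account
  # gets its own primary group instead of a shared default; recent NixOS
  # releases reject a system user without one.
  users.users.inquisitor = {
    description = "Inquisitor service user";
    isSystemUser = true;
    group = "inquisitor";
    packages = [ inquisitor ];
  };
  users.groups.inquisitor = {};

  # Give all users the inq wrapper
  environment.systemPackages = [ inquisitorWrapper ];

  # Set up the inquisitor service
  systemd.services.inquisitor = {
    description = "Inquisitor server";
    script = "${inquisitorRun}/bin/run.sh";
    serviceConfig = {
      User = "inquisitor";
      Type = "simple";
      # systemd creates /var/lib/inquisitor and hands it to the service user
      # before start. This replaces a root-run ("+" prefixed) ExecStartPre
      # script that did the same mkdir/chown by hand.
      StateDirectory = "inquisitor";
      # NOTE(review): no sandboxing directives (e.g. NoNewPrivileges,
      # ProtectSystem, PrivateTmp) are set. Which ones are safe depends on
      # what inquisitor needs at runtime, including the /var/log LogFile.
    };
    wantedBy = [ "multi-user.target" ];
    after = [ "network.target" ];
    enable = true;
  };
}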