{ config, lib, pkgs, ... }:

let
  staticConfig = import ./configuration/static.nix { inherit lib config; };
  middlewaresConfig = import ./configuration/middlewares.nix { inherit lib config; };
  routersConfig = import ./configuration/routers.nix { inherit lib config; };
  servicesConfig = import ./configuration/services.nix { inherit lib config; };
in
{
  services.traefik = {
    enable = true;

    # ==== Static Configuration ====
    staticConfigOptions = staticConfig;

    # ==== Dynamic Configuration ====
    dynamicConfigOptions.http = {
      routers = routersConfig;
      services = servicesConfig;
      middlewares = middlewaresConfig;

      serversTransports = {
        insecureTransport = {
          insecureSkipVerify = true;
        };
      };
    };
  };

  systemd.services.traefik.serviceConfig.Environment = [
    "CLOUDFLARE_DNS_API_TOKEN=gQYyG6cRw-emp_qpsUj9TrkYgoVC1v9UUtv94ozA"
    "CLOUDFLARE_ZONE_API_TOKEN=gQYyG6cRw-emp_qpsUj9TrkYgoVC1v9UUtv94ozA"
  ];

  virtualisation.docker.enable = true;
}