{ pkgs, lib, config, hostName, ... }:
{
  users.users.backup = {
    isSystemUser = true;
    shell = config.users.users.root.shell;
    group = config.users.groups.disk.name;
    openssh.authorizedKeys.keys = [
      (lib.readFile ../pumpkin/syncoid/ssh.key.pub)
    ];
  };
  # Trigger import when disks are plugged
  services.udev.extraRules = ''
    SUBSYSTEM=="block", KERNEL=="sd*", ENV{ID_SERIAL}=="Samsung_SSD_860_EVO_1TB_S3Z9NR0N508159W", \
      ACTION=="add", ENV{SYSTEMD_WANTS}+="zfs-import@off2.service"
    SUBSYSTEM=="block", KERNEL=="sd*", ENV{ID_SERIAL}=="Samsung_SSD_860_EVO_1TB_S3Z9NR0N508159W", \
      ACTION=="remove", RUN+="${pkgs.systemd}/bin/systemctl stop --no-block zfs-import@off2.service"
  '';
  # Setup permissions on disk off2
  systemd.services."zfs-import@".serviceConfig.ExecStartPost = pkgs.writeShellScript "zfs-allow" ''
    set -eux
    pool="$1"
    case "$pool" in
      (off2) zfs allow -u ${config.users.users.backup.name} change-key,compression,create,destroy,mount,mountpoint,receive,rollback "$pool"/julm/backup;;
    esac
  '' + " %I";
  systemd.tmpfiles.rules = [
    "z /dev/zfs 0660 - ${config.users.groups."disk".name}  -"
  ];
  systemd.services.sanoid.serviceConfig.SupplementaryGroups = [
    config.users.groups."disk".name
  ];
  services.sanoid = {
    enable = true;
    extraArgs = [ "--verbose" ];
    datasets = {
      "${hostName}/home" = {
        autosnap = true;
        autoprune = true;
        hourly = 12;
        daily = 3;
        monthly = 0;
        yearly = 0;
        recursive = true;
      };
      "${hostName}/var" = {
        autosnap = true;
        autoprune = true;
        hourly = 12;
        daily = 1;
        monthly = 0;
        yearly = 0;
        recursive = true;
      };
      "off2/julm/perso" = {
        autosnap = true;
        autoprune = true;
        frequently = 0;
        hourly = 1;
        daily = 7;
        monthly = 0;
        yearly = 0;
        recursive = true;
      };
      "off2/julm/public" = {
        autosnap = true;
        autoprune = true;
        frequently = 0;
        hourly = 1;
        daily = 7;
        monthly = 0;
        yearly = 0;
        recursive = true;
      };
      "off2/julm/virt" = {
        autosnap = true;
        autoprune = true;
        frequently = 0;
        hourly = 1;
        daily = 2;
        monthly = 2;
        yearly = 0;
        recursive = true;
      };
      "off2/julm/backup/das1/julm/perso" = {
        autosnap = false;
        autoprune = true;
        frequently = 1;
        hourly = 12;
        daily = 7;
        monthly = 3;
        yearly = 0;
        recursive = true;
      };
      "off2/julm/backup/das1/julm/public" = {
        autosnap = false;
        autoprune = true;
        frequently = 1;
        hourly = 0;
        daily = 1;
        monthly = 3;
        yearly = 0;
        recursive = true;
      };
      "off2/julm/backup/losurdo" = {
        autosnap = false;
        autoprune = true;
        frequently = 1;
        hourly = 1;
        daily = 7;
        monthly = 1;
        yearly = 0;
        recursive = true;
      };
      "off2/julm/backup/mermet" = {
        autosnap = false;
        autoprune = true;
        frequently = 1;
        hourly = 1;
        daily = 7;
        monthly = 1;
        yearly = 0;
        recursive = true;
      };
      "off2/julm/backup/oignon" = {
        autosnap = false;
        autoprune = true;
        hourly = 0;
        daily = 7;
        monthly = 3;
        yearly = 0;
        recursive = true;
      };
      "off2/julm/backup/pumpkin" = {
        autosnap = false;
        autoprune = true;
        hourly = 12;
        daily = 7;
        monthly = 3;
        yearly = 0;
        recursive = true;
      };
    };
  };
}