{ pkgs, lib, ... }:
let
  sftpRoot = "/var/lib/sftp";
in
{
  systemd.mounts = [
    {
      where = "${sftpRoot}/films";
      type = "none";
      what = "/mnt/off3/julm/public/podcasts/films";
      options = "bind,rw,noauto";
      requires = [ "zfs-import@off3.service" ];
      after = [
        "zfs-import@off3.service"
        "zfs-mount.service"
        "var-lib-sftp.mount"
        "mnt-off3-julm-public-podcasts.mount"
      ];
      #bindsTo = [ "mnt-off3-julm-public-podcasts.mount" ];
      unitConfig = {
        #AssertDirectoryNotEmpty = "/mnt/off3/julm/public/podcasts/films";
      };
    }
  ];
  systemd.automounts = [
    {
      where = "${sftpRoot}/films";
      wantedBy = [ "zfs-mount.service" ];
      after = [ "zfs-mount.service" "var-lib-sftp.mount" ];
      #automountConfig.TimeoutIdleSec = "5 min";
    }
  ];
  #fileSystems."${sftpRoot}/camera" = {
  #  device = "/mnt/off2/julm/perso/camera";
  #  options = [ "bind" "ro" "noauto" ];
  #};
  services.openssh.extraConfig = ''
    Match User sevy
      AllowAgentForwarding no
      AllowTcpForwarding no
      ChrootDirectory ${sftpRoot}
      ForceCommand internal-sftp -u 0002
      X11Forwarding no
  '';
}