{pkgs, lib, config, ...}:
let inherit (config) networking;
    inherit (config.services) redmine postgresql;
in
{
  config = {
    services = {
      redmine = {
        enable = true;
        database = {
          type = "postgresql";
          host = "/tmp";
          port = postgresql.port;
        };
      };
      postgresql = {
        users."${redmine.user}" = {
          auth = "unix";
        };
        databases."${redmine.database.name}" = {
          owner = redmine.user;
          users = [ redmine.user ];
          extraConfig = ''
            GRANT USAGE  ON SCHEMA pg_catalog TO ${redmine.user};
            GRANT SELECT ON ALL TABLES IN SCHEMA pg_catalog TO ${redmine.user};
          '';
        };
      };
      nginx = {
        upstreams."redmine" = {
          servers = { "localhost:3000" = {}; };
        };
        virtualHosts."redmine" = {
          serverName = "redmine.${networking.domain}";
          serverAliases =
            map (domainAlias: "redmine." + domainAlias)
                config.networking.domainAliases;
          locations = {
            "/" = {
              extraConfig = ''
                proxy_next_upstream error timeout
                 invalid_header http_500 http_502 http_503;
                proxy_pass http://localhost:3000;
              '';
            };
          };
        };
      };
    };
    systemd.services.redmine = {
      environment.REDMINE_LANG = lib.mkForce "fr";
    };
    #users.users."${redmine.user}" = {
    #  extraGroups = [ "postgres" ];
    #};
  };
}