{ config, lib, pkgs, hostName, ... }:

{
  home.packages = with pkgs; [ davmail ];
  programs = {
    mbsync = {
      enable = true;
      groups.inboxes = {
        proton = [ "INBOX" ];
        icloud = [ "INBOX" ];
        ukaea = [ "INBOX" ];
      };
    };
    msmtp.enable = true;
    mu.enable = true;
  };
  services = {
    mbsync = {
      enable = true;
      frequency = "*:0/15";
    };
    imapnotify.enable = true;
  };
  accounts.email = {
    maildirBasePath = ".mail";
    accounts = let realName = "Evie Litherland-Smith";
    in {
      proton = let
        host = "127.0.0.1";
        tls.enable = false;
        accountEnabled = true;
      in rec {
        inherit realName;
        primary = lib.mkDefault true;
        maildir.path = "Proton";
        imap = {
          inherit host tls;
          port = 1143;
        };
        smtp = {
          inherit host tls;
          port = 1025;
        };
        address = "e.litherlandsmith@proton.me";
        aliases = [ "evie@xenia.me.uk" "evie@litherlandsmith.slmail.me" ];
        userName = address;
        passwordCommand =
          "${pkgs.libsecret}/bin/secret-tool lookup email ${userName}";
        imapnotify = {
          enable = lib.mkDefault accountEnabled;
          boxes = [ "INBOX" ];
          onNotify = "${pkgs.isync}/bin/mbsync proton:INBOX";
          onNotifyPost =
            "${pkgs.libnotify}/bin/notify-send 'Proton: Inbox updated'";
          extraConfig = {
            wait = 300;
            tls = false;
            tlsOptions.rejectUnauthorized = false;
          };
        };
        mbsync = {
          enable = lib.mkDefault accountEnabled;
          create = "both";
          expunge = "both";
          remove = "both";
          patterns = [ "*" "!All Mail" "!Spam" "!Labels*" "!Starred" ];
          subFolders = "Verbatim";
          extraConfig.account.AuthMechs = "LOGIN";
        };
        msmtp = {
          enable = lib.mkDefault accountEnabled;
          extraConfig = {
            tls = "off";
            auth = "login";
          };
        };
        mu.enable = lib.mkDefault accountEnabled;
      };
      icloud = let accountEnabled = true;
      in rec {
        inherit realName;
        primary = lib.mkDefault false; # TEMP until proton is fixed
        maildir.path = "iCloud";
        imap.host = "imap.mail.me.com";
        smtp.host = "smtp.mail.me.com";
        address = "e.litherlandsmith@icloud.com";
        userName = address;
        passwordCommand =
          "${pkgs.libsecret}/bin/secret-tool lookup email ${userName}";
        imapnotify = {
          enable = lib.mkDefault accountEnabled;
          boxes = [ "INBOX" ];
          onNotify = "${pkgs.isync}/bin/mbsync icloud:INBOX";
          onNotifyPost =
            "${pkgs.libnotify}/bin/notify-send 'iCloud: Inbox updated'";
          extraConfig.wait = 300;
        };
        mbsync = {
          enable = lib.mkDefault accountEnabled;
          create = "both";
          expunge = "both";
          remove = "both";
          patterns = [ "*" "!Junk" ];
          subFolders = "Verbatim";
        };
        msmtp.enable = lib.mkDefault accountEnabled;
        mu.enable = lib.mkDefault accountEnabled;
      };
      ukaea = let
        host = "127.0.0.1";
        tls.enable = false;
        accountEnabled = true;
      in rec {
        inherit realName;
        primary = lib.mkDefault false;
        maildir.path = "UKAEA";
        imap = {
          inherit host tls;
          port = 1144;
        };
        smtp = {
          inherit host tls;
          port = 1026;
        };
        address = "evie.litherland-smith@ukaea.uk";
        aliases = [ "elitherl@jet.uk" ];
        userName = address;
        passwordCommand =
          "${pkgs.libsecret}/bin/secret-tool lookup email ${userName}";
        imapnotify = {
          enable = lib.mkDefault accountEnabled;
          boxes = [ "INBOX" ];
          onNotify = "${pkgs.isync}/bin/mbsync ukaea:INBOX";
          onNotifyPost =
            "${pkgs.libnotify}/bin/notify-send 'UKAEA: Inbox updated'";
          extraConfig = {
            wait = 300;
            tls = false;
            tlsOptions.rejectUnauthorized = false;
          };
        };
        mbsync = {
          enable = lib.mkDefault accountEnabled;
          create = "both";
          expunge = "both";
          remove = "both";
          patterns =
            [ "*" "!Junk" "!Snoozed" "!Sync Issues" "!Unsent Messages" ];
          subFolders = "Verbatim";
          extraConfig.account.AuthMechs = "LOGIN";
        };
        msmtp = {
          enable = lib.mkDefault accountEnabled;
          extraConfig = {
            tls = "off";
            auth = "login";
          };
        };
        mu.enable = lib.mkDefault accountEnabled;
      };
    };
  };
  systemd.user.services = let emailAccounts = config.accounts.email.accounts;
  in {
    imapnotify-proton.Unit = lib.mkIf emailAccounts.proton.imapnotify.enable {
      Wants = [ "protonmail-bridge.service" ];
      After = [ "protonmail-bridge.service" ];
    };
    imapnotify-ukaea.Unit = lib.mkIf emailAccounts.ukaea.imapnotify.enable {
      Wants = [ "davmail.service" ];
      After = [ "davmail.service" ];
    };
    protonmail-bridge = lib.mkIf emailAccounts.proton.mbsync.enable {
      Unit = {
        Description = "Podman container-protonmail-bridge.service";
        Documentation = [ "man:podman-generate-systemd(1)" ];
        Wants = [ "network-online.target" ];
        After = [ "network-online.target" ];
        RequiresMountsFor = "%t/containers";
      };
      Service = {
        Environment =
          [ "PODMAN_SYSTEMD_UNIT=%n" "PATH=/run/wrappers/bin/:$PATH" ];
        Restart = "always";
        TimeoutStopSec = 70;
        ExecStart = ''
          ${pkgs.podman}/bin/podman run \
            --cidfile=%t/%n.ctr-id \
            --cgroups=no-conmon \
            --rm \
            --sdnotify=conmon \
            --replace \
            -d \
            --name=protonmail-bridge \
            -v protonmail:/root \
            -p 127.0.0.1:1025:25/tcp \
            -p 127.0.0.1:1143:143/tcp shenxn/protonmail-bridge'';
        ExecStop = ''
          ${pkgs.podman}/bin/podman stop \
            --ignore -t 10 \
            --cidfile=%t/%n.ctr-id'';
        ExecStopPost = ''
          ${pkgs.podman}/bin/podman rm \
            -f \
            --ignore -t 10 \
            --cidfile=%t/%n.ctr-id'';
        Type = "notify";
        NotifyAccess = "all";
      };
      Install.WantedBy = [ "default.target" ];
    };
    davmail = lib.mkIf emailAccounts.ukaea.mbsync.enable {
      Unit = {
        Description = "Davmail server";
        Wants = [ "network-online.target" ];
        After = [ "network-online.target" ];
      };
      Service = {
        Environment = [ "PATH=/run/current-system/sw/bin/:$PATH" ];
        Restart = "always";
        ExecStartPre = with config.home; ''
          /bin/sh -c "if [ ! -f ${homeDirectory}/.davmail.properties ]; then cp ${
            ./.davmail.properties
          } ${homeDirectory}/.davmail.properties; fi; chmod 644 ${homeDirectory}/.davmail.properties"
        '';
        ExecStart =
          "${pkgs.davmail}/bin/davmail -notray ${config.home.homeDirectory}/.davmail.properties";
      };
      Install.WantedBy = [ "default.target" ];
    };
  };
}