{
  config,
  lib,
  pkgs,
  ...
}:
let
  cfg = config.xyno.presets.server;
  msmtpConfigItems = [
    "host"
    "port"
    "from"
    "user"
    "password"

  ];
in
{
  options.xyno.presets.server.enable =
    lib.mkEnableOption "enables xynos base server config (ssh/smart/email/zed/...)";
  config = lib.mkIf cfg.enable {
    services.openssh.enable = true;
    users.users.root.openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID/oMAi5jyQsNohfhcSH2ItisTpBGB0WtYTVxJYKKqhj"
    ]; # theseus

    environment.etc."msmtprc".enable = false;
    sops.defaultSopsFile = ../../secrets/common.yaml;
    sops.secrets = lib.mkMerge (
      [
        {
          "msmtp/aliases" = {
            path = "/etc/aliases";
          };
        }
      ]
      ++ (map (x: { "msmtp/${x}" = { }; }) msmtpConfigItems)
    );
    sops.templates."msmtprc" = {
      path = "/etc/msmtprc";
      content = ''
        defaults
        allow_from_override off
        set_from_header on
        auth on
        tls on
        tls_starttls off

        account default
        ${lib.concatStringsSep "\n" (
          map (x: "${x} ${config.sops.placeholder."msmtp/${x}"}") msmtpConfigItems
        )}
        auth on

        aliases /etc/aliases
      '';
    };

    programs.msmtp = {
      enable = true;
    };

    services.smartd = {
      enable = true;
      extraOptions = [ "--interval=7200" ];
      notifications.test = true;
    };

    # emails for zfs
    services.zfs.zed.enableMail = true;
    services.zfs.zed.settings = {
      ZED_EMAIL_ADDR = [ "root" ];
      ZED_EMAIL_PROG = "${pkgs.msmtp}/bin/msmtp";
      ZED_EMAIL_OPTS = "@ADDRESS@";

      ZED_NOTIFY_INTERVAL_SECS = 7200;
      ZED_NOTIFY_VERBOSE = true;

      ZED_USE_ENCLOSURE_LEDS = false;
      ZED_SCRUB_AFTER_RESILVER = true;
    };

  };
}