{
  pkgs,
  lib,
  config,
  ...
}:
let
  cfg = config.xyno.services.postgres;
in
{
  options.xyno.services.postgres.enable = lib.mkEnableOption "enables postgres";
  config = lib.mkIf cfg.enable {
    services.postgresql = {
      enable = true;
      package = pkgs.postgresql_17_jit;
      identMap = ''
        # ArbitraryMapName systemUser DBUser
        superuser_map      root      postgres
        superuser_map      postgres  postgres
        # Let other names login as themselves
        superuser_map      /^(.*)$   \1
      '';
    };
    services.prometheus.exporters.postgres = lib.mkIf config.xyno.services.monitoring.enable {
      enable = true;
    };
    xyno.services.monitoring.exporters.postgres = config.services.prometheus.exporters.postgres.port;

    xyno.impermanence.extraDirectories = [ "/var/lib/postgresql" ];

    services.borgmatic.settings.postgresql_databases = [
      {
        name = "all"; # gets run as root anyways so can log in
      }
    ];

  };
}