{ config, pkgs, lib, ... }:
{
  options.services.fooud = {
    enable = lib.mkEnableOption config.description;
    repos = lib.mkOption {
      type = lib.types.listOf (lib.types.submodule ({ ... }: {
        path = lib.mkOption {
          description = "fullpath to the repositiory on your server";
          type = lib.types.string;
        };
        hooks = lib.mkOption {
          type = lib.listOf lib.types.path;
          example = [
            pkgs.writeScriptBin "post-recieve" ''
              git clone . /var/www/your/deployed/location
            ''
          ];
        };
      }));
    };
    user = lib.mkOption {
      type = lib.types.str;
      default = "fooud-deploy";
    };
  };

  config = let
    cfg = config.services.fooud;
  in lib.mkIf cfg.enable {
    environment.systemPackages = with pkgs; [ git ];
    users.users."${cfg.user}" = lib.mkIf (cfg.user != "root") {
      group = "${cfg.user}";
      isSystemUser = true;
      createHome = true;
      home = "/var/lib/${cfg.user}";
      shell = "${pkgs.git}/bin/git-shell";
    };
    users.groups."${cfg.user}" = {};

    systemd = {
      services."fooud" = {
        wantedBy = [ "multi-user.target" ];
        serviceConfig = {
          Type = "oneshot";
          User = cfg.user;
          ExecStart = pkgs.writeScriptBin "fooud-deploy"
            (lib.concatMapStrings
              (repo: ''
                if [ -d ${repo.path} ]; then
                  rm -f ${repo.path}/hooks/*
                  cp ${repo.hooks}/bin/* ${repo.name}/hooks/
                fi
              '')
            cfg.repos);
        };
      };
    };
  };
}